Financial institutions are increasingly adopting cloud technologies, but with greater caution, finds a survey by the Cloud Security Alliance. Titled “Cyber resiliency in the financial industry 2024”, the report was commissioned and co-developed by the Depository Trust and Clearing Corporation (DTCC). The aim is to “better understand the industry’s knowledge, attitudes, and opinions regarding cyber resiliency and its challenges”.

The report looks at key factors influencing data resilience in financial institutions, juxtaposed against practices in non-financial institutions. Areas examined include the use of frameworks, confidence levels in services, cloud adoption strategies, and regional challenges.

A tool for resilience

One finding observes that “complex financial regulatory environments simplify operational strategies”. As indicated by 78 per cent of respondents, financial institutions “tend to prefer single-cloud environments for ease of management and cost effectiveness”. However, multi-cloud strategies are gaining traction “to avoid vendor lock-in and enhance data sovereignty”.

Advertisement
Posttrade360 event 2025

Compared to non-financial institutions, financial institutions are more reliant on cloud technologies for bolstering operational resilience. 60 per cent of them have cloud technologies focused on disaster recovery and 58 per cent are prioritising infrastructure scalability. The same areas respectively garnered 36 per cent and 41 per cent of votes among non-financial institutions.

Not on cloud nine

When it comes to concerns about cloud technology, cloud and cybersecurity skill gaps came out top with 49 per cent of votes among financial institutions. It is followed by the lack of internal security strategies with 33 per cent, and inadequacy of identity and access management (IAM) systems at 31 per cent.

Data privacy and integrity within generative artificial intelligence (GenAI) is a challenge across the board, with 26 per cent of financial institutions and 24 per cent of non-financial institutions citing it as a top concern.

Tim Cuddihy, managing director, group chief risk officer at DTCC says, “In order to better safeguard against the ever-evolving landscape of cyber threats and operational challenges, financial institutions must adopt a measured approach to data resiliency, one that involves a careful balance between strategic objectives, technological adoption, and regulatory compliance.”