The admission by Tan Su Shan, CEO of 🔗DBS, that cyber threats are what truly “keep her up at night” echoes a growing sentiment across the global C-suite. A breach at a single point, whether that’s a major clearinghouse, a cloud provider, or a regional bank, can trigger a domino effect across the entire financial ecosystem. The risk has moved from a theoretical possibility to a primary strategic concern for regulators and institutional leaders alike.
AI as a Defence and Attack Boost
Industry commentators have long been highlighting the duality of AI in providing defenders with capabilities for real-time anomaly detection and automated response but of course the flip side is it equips adversaries with sophisticated tools.
Modern threat actors are using Generative AI to create highly convincing phishing campaigns and adaptive malware that can bypass traditional perimeter defences. The speed at which these threats evolve means that static security protocols are no longer sufficient.
🔗Read more on the IMF’s assessment of Cyber Risk as a Global Financial Stability Threat
The Importance of Resilience
True cyber security in 2026 is shifting its focus from protection to resilience. Resilience acknowledges that while prevention is vital, the ability to detect, contain, and recover from a breach with minimal disruption to services is the true hallmark of a secure institution. The key pillars of a resilient framework include:
Zero-Trust Architecture |
Assuming that no entity inside or outside the network is inherently safe. |
Third-Party Risk Management |
Rigorous auditing of the supply chain, as modern banks rely heavily on external software and infrastructure providers. |
AI-Enhanced Monitoring |
Utilising machine learning to identify patterns that human analysts might overlook amidst the noise of millions of daily transactions. |
Collaborative Defence for Cyber Resilience
The financial sector is uniquely targeted because of its role as the backbone of global commerce. Addressing these fears requires a shift from siloed security to a collaborative model where intelligence is shared across the industry to identify emerging vectors before they become widespread.
🔗 Explore the NCSC’s guidance on supply chain security and systemic resilience
As the complexity of the threat landscape grows, the gap between those who react and those who anticipate will only widen. For financial leaders, the goal is not just to secure their own four walls, but to ensure they are not the weak link in the global chain.
This article was prepared by Lance Nevill, a vCISO at Mondas (find Lance on 🔗LinkedIn).
Mondas specialise in the topics of AI-driven security and systemic risk management. If your organisation is navigating the complexities outlined in this article, reach out to our team today for an expert consultation.
Article first published: 08/05/2026
