Bank of America spends $1 billion per year on cybersecurity

The Bank of America CEO Brian Moynihan says the company has ramped its cybersecurity spending to over $1 billion a year, in a new interview.

The Bank of America CEO Brian Moynihan says that the company has ramped its cybersecurity spending to over $1 billion a year.

The company’s centralised global information-security unit has boosted spending in recent years to bolster cyber defences after seeing a jump in threats amid the pandemic.

Speaking to CNBC, Moynihan said: "I became CEO 11 and a half years ago, and we probably spent three to $400m per year on cybersecurity, we’re up over a billion now.

"The institutions around us, other institutions and my peers, spend like amounts, and our contracting parties spend like amounts. In other words there’s a lot of money being spent on this and I think one of the things our industry has done a great job of is work together," he added.

The lender is constantly assessing threats from individuals, groups and governments, and is also scanning the horizon to protect itself against an “Armageddon scenario”, its Chief Operations and Technology Officer, Cathy Bessant, said in an earlier press briefing.

Bessant gave a stark warning about cyberattacks on US financial institutions saying: “There’s no question that the rate and pace of attacks, and the nature of attacks, has grown dramatically.”

“Criminals are by definition very crafty, very entrepreneurial – and times of stress produce opportunities,” she added.

Deloitte survey 

In a recent Deloitte survey of finance executives, 64% said they expect to see cybersecurity budgets keep rising.

The Deloitte and FS-ISAC survey revealed that firms need to prioritise and reinvest in cyber protection programmes. 

For the last three years, respondents identified rapid IT changes and rising complexities as their No. 1 cybersecurity challenge. To help effectively mitigate emerging cyber risks, companies should consider digitally enabling the cyber function within the broader IT service development process, according to the survey. Adopting “security by design” principles during technology development could also help financial institutions create more secure products.

The survey also found that cybersecurity is often included as part of the IT function, and CISOs typically report to the CIO or CTO at their firms, this reflects the need for close integration of cybersecurity and IT. At the same time, financial institutions may want to retain a certain level of independence for cybersecurity, which could help ensure risk management decisions are not overshadowed by IT constraints.

Respondents cited emerging technologies such as cloud, data analytics, and robotic process automation as top cybersecurity investment priorities. Access control, protective technology, and data security were emphasised as rationales.




Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI