Financial markets are a prime target for cyber attacks because they are “where the money is” and can represent a nation or symbolise capitalism, according to a new report.

The International Organisation of Securities Commissions (IOSCO) paper, called Cyber Security in Securities Markets – An International Perspective, outlines different approaches to cyber security adopted by market participants and regulators worldwide.

It says cyber is not “just another risk” but constitutes “a unique, highly complex and rapidly evolving phenomenon” that jeopardises the integrity and efficiency of financial markets.

The report says PricewaterhouseCoopers’ latest Global State of Information Security Survey questioned 10,000 executives from 127 countries, and found the number of incidents detected by respondents last year was up 38%.

A Ponemon Institute study last year put the average cost of data breaches to companies at $US3.79 million ($5 million), up 23% over the past two years.

IOSCO says the “almost complete digitalisation of data” in securities markets and increasing use of mobile devices, outsourcing and cloud computing make the industry more vulnerable.

“The human element of cyber risk, combined with rapidly evolving technologies in securities markets, suggests this topic requires swift and sustained attention by regulators and market participants,” the report says.

“According to many cyber-security experts, the question for financial market participants is not if a cyber attack will occur but rather when.”

The report says cyber insurance should be a complement to a business’ cyber-security framework – not a replacement.

Global annual gross written premium for cyber insurance is about $US2.5 billion ($3.3 billion), and PricewaterhouseCoopers projects it will be $US7.5 billion by the end of the decade.