In this article, we would like to show why increased analysis in the area of IT and cyber risks is essential for financial institutions and how this endeavour can be implemented using the fishbone diagram on the digital whiteboard Collaboard. You will also find a concrete practical example of this later on.
IT and cyber risks pose significant challenges for banks, as they threaten the integrity, availability and confidentiality of sensitive data. Increasing digitalisation and networking are expanding the attack surface for cyber criminals, who are using increasingly sophisticated methods.
The fishbone diagram, also known as the Ishikawa diagram, is a proven tool for analysing problems and their causes. It was developed by Kaoru Ishikawa in the 1960s and is often used in quality management and process optimisation. The name "fishbone" is derived from the fishbone-like structure that characterises the diagram.
The fishbone diagram visualises cause-and-effect relationships in a structured format. At the top of the diagram is the central problem or goal, while possible causes are grouped along the "bones". Typical categories include
The fishbone diagram is particularly useful for systematically identifying the causes of a problem. It promotes teamwork by involving everyone involved and is ideal for brainstorming sessions. The visual format makes complex relationships easy to understand and helps to distinguish causes from symptoms.
Fishbone diagram on Collaboard on the topic of cyber risks in banks
In the area of cyber risks, the previously defined fishbone diagram was created quickly and easily using the shape, arrow and text tools in Collaboard. The four users analysed the causes of the risks together and were able to work collaboratively and in real time.
The following points relating to cyber risks were listed in the fishbone diagram and in some cases linked by arrows (see screenshot).
Manpower
Machine
Environment
Material
Method
Management
The effects (consequences) are described on the right-hand side of the diagram, including financial losses, reputational damage, loss of data, regulatory sanctions, business interruption, increased costs.
To summarise, a cyberattack can severely impair the bank's ability to function and cause significant financial and operational challenges. It is therefore essential to use modern digital tools to work together preventively and as a team and to implement robust security strategies.
With the help of the comment function, topics can be discussed directly on the board in the form of chats in order to reflect together and clarify open questions. Comments can be linked directly to texts, images, mind maps, shapes, etc. in order to create clarity via a clear context.
The infinitely large whiteboard surface allows you to zoom in on the board so that additional information can be added to each content point. In this example, the users use moderation cards to discuss the aspect of "impact" from the fishbone diagram. The sticky notes can be scaled as required and also commented on.
Collaboard also offers an Ishikawa diagram template with which you can get started right away.
A multi-page PDF document has also been placed on the board to provide further information on the topic of "Internal & External Impact". For example, existing documents such as security concepts can also be linked directly to information on the board.
Online whiteboards such as Collaboard have established themselves as powerful tools for collaboration and analysis. For banks, they provide a platform to efficiently create and collaborate on a wide range of risk management tools in addition to fishbone diagrams, even when team members are working in different locations.
Online whiteboards enable real-time editing where all participants can contribute their ideas at the same time. This promotes creative exchange and speeds up the analysis process. In addition, data, documents and other tools can be seamlessly integrated, which increases the depth of the discussion.
As IT and cyber risks often affect several departments, online whiteboards facilitate communication between IT, risk and compliance teams. They provide a visual and well-documented basis for measures that also fulfil regulatory requirements.
An interdisciplinary team can use Collaboard to develop a fishbone diagram for cyber risks, add comments in real time and derive to-dos directly from the analysis in the form of sticky notes, mind maps or further documents. Further important functions and benefits of Collaboard specifically for financial institutions can be found on the industry page.
Collaboard is a widely used solution in the financial industry due to its high data protection standards. The software offers various hosting options, e.g. on servers in Switzerland at Microsoft Azure or in Germany at the Open Telekom Cloud. It is also possible to operate Collaboard on-premises or in your own cloud environment.
UBS, for example, uses Microsoft's data centres in Switzerland. In addition to the flexible hosting options, Collaboard offers the highest standards in terms of data encryption and software architecture.
Collaboard is therefore not only a risk management tool, but also provides protection against IT and cyber risks. ISO 27001 certification, role-based access rights and synchronisation with Active Directory groups as well as single sign-on round off Collaboard's security.
The fact that Collaboard is one of the most secure online whiteboards is also demonstrated by the fact that U.S. government agencies use the solution for data with Impact Level 5 and 6, which are the highest protection classes for data => All information on data protection and GDPR with Collaboard.
Finally, regularly checking platforms and tools for compliance with regulatory requirements minimises risks and creates confidence in their use.
IT and cyber risks are a key challenge for banks. Tools such as Collaboard enable a structured analysis to identify weaknesses and develop countermeasures.
The integration of Collaboard into this process promotes collaboration and facilitates documentation, while the increased adherence to data protection and compliance standards creates trust.
The interplay of innovative analysis tools and modern collaboration platforms gives banks the opportunity to arm themselves against the growing threats of the digital world.