‘Attackers don’t break in, they log in’: Sibos 2025 Day 2 zeroes in on AI-driven cyber risk and the power of strategic partnerships

Sibos 2025 rolled into its second day on Tuesday with momentum to spare, blending high-calibre content, nonstop networking, and even a pit stop for attendees to compete on racing simulators. Conversations across the halls repeatedly returned to one urgent throughline: securing funds and fortifying the financial system through tighter, smarter collaboration as new risks surface and evolve.

“Attackers don’t break in, they log in”
The morning opened in Frankfurt with a standout panel, The future of financial cybersecurity: Emerging threats and resiliency, bringing together Cory Wilson, deputy assistant secretary at the US Department of the Treasury; Lisa Lee, global lead for financial services for Microsoft’s Office of the CISO; Paul Gillen, managing director at Barclays; and Ruth Wandhöfer, head of European markets at Blackwired.

Much of the discussion probed the double-edged nature of generative AI in cyber. Gillen argued the technology is currently skewed toward offense rather than defense, saying it is “being more abused than it has been integrated into tooling used to defend ourselves.” He pointed to a surge in AI-enhanced fraud, from deepfake videos and synthetic voice attacks to highly convincing, AI-generated KYC documentation that can slip through inadequate controls.

Speakers underscored how widely available AI tools have lowered the bar for cybercriminals and opportunistic insiders alike. Wilson explained that bad actors enjoy an asymmetry of freedom when adopting new AI: “Malicious actors can go and break whatever they want and there’s no consequence to them, because they don’t have to do anything responsibly, whereas government institutions have to go and bring in AI responsibly into their environments, understand how AI interacts with the rest of their networks and systems, and they have to do that in a way that increases the security and ability of the entire ecosystem.”

Related:
Sibos 2025: AI implementation and core modernisation dominate day one

Defensive innovation, however, is advancing rapidly. Lee likened AI to a force multiplier that frees human analysts to focus on the highest-value work: “Our defenders are trying to find needles in a haystack. But finally, we have a large magnet to help us find needles much, much faster. But the main thing is that we want our humans to be engaged with the needles. We can leave the haystacks to the AI.”

Third-party exposure emerged as another pressing issue. Wandhöfer warned that vendor relationships can continue to create risk long after contracts end: data links, integrations, and cached information often linger in complex environments. “If you look at all the other layers of physical networks, the data packaging, the standards, the movement, this is where the baddies live,” she said, urging institutions to treat supply chain risk as a core security domain rather than a peripheral concern.

Related:
I am right here

The panelists also made the case for taking a more anticipatory approach to threat hunting. Wandhöfer contended that the industry already has sufficient external data to forecast some phishing waves and social engineering campaigns before they strike. “It’s not about hacking into any system. It’s not about going behind any secret firewall. It’s just looking out there at what’s in the wild west of data.”

Legacy technology and identity challenges were cited as enduring obstacles. Lee called out identity management, entitlements, and data tagging as foundational issues that—if unresolved—can undermine the effectiveness of any advanced detection or response toolset. The group emphasized that rehearsed, well-funded incident response plans are no longer optional, especially given the recent cadence of large-scale attacks across sectors.

“With the threat of generative AI, we are seeing geopolitical and nation-state unease,” Gillen said. “I would say if there was ever a time to press pause and do a root and branch review of the cybersecurity posture of your organisations, now is the best time to do it.”

Wilson closed with a reminder that collective action is no longer just a slogan but a prerequisite for resilience: there is a growing recognition that “we’re all in this together, that we have to tackle these problems in a collaborative fashion, because the potential consequences and outcomes of something catastrophic happening are too big to go at it alone.”

Related:
September 2025: Top five new launch stories of the month

“Partnerships are the key to developing your business”
The theme of collaboration also defined a series of conversations on how financial institutions are modernising through selective partnerships. In a discussion with FinTech Futures, Christian Houillon, head of custody products and solutions at BNP Paribas, outlined how strategic technology alliances are helping asset servicers scale capabilities and deliver richer operational support.

“The sense of partnership is to extend our services, to offer our clients some additional added value, something that complements, not replaces,” Houillon said. “It’s not about being the best at doing everything, but teaming up with partners can help us deliver the best to clients.”

Houillon highlighted three collaborations shaping BNP Paribas’ innovation agenda:
– Broadridge, to enhance global class action services and improve the identification, filing, and recovery of investment losses for clients.
– Proxymity, the London-based fintech, to provide a proxy voting solution for local custody general meetings in the UK, Australia, and New Zealand.
– Raquest, a German fintech, to digitise tax processes through its STTI Gateway platform, streamlining cross-border tax workflows.

On emerging technology, Houillon said the bank is making “huge investments” in AI at the group level. “We decided to embed our AI capabilities through a key partnership signed with Mistral AI, and from this, built on our own infrastructure to ensure our clients’ data remains fully protected.” The approach is intended to balance rapid deployment with stringent privacy and security requirements.

While AI dominates headlines, Houillon views distributed ledger technology (