JPMorgan Chase is committed to protecting the firm, its customers and clients, as well as the financial system and broader digital ecosystem from cyber threats. As threats grow more sophisticated and digital operations become more complex, effective cyber risk management becomes fundamental to good business practice. To advance the global field of cyber risk management, we are proud to sign, along with 37 other organizations from 8 countries, the Coalition to Reduce Cyber Risk’s (CR2) Cyber Risk Management Pledge (the “Pledge”). The Pledge commits JPMorgan Chase to continuing effective cybersecurity practices and advancing cyber risk management practices across industry sectors and borders. 

The Cyber Risk Management Pledge

We started the CR2 to bring together the world’s leading companies, across jurisdictions and industries, to develop and promote common frameworks to advance best practices of cyber risk management. By signing the Pledge, we are doubling down in our support to advance the adoption of common frameworks and international standards by companies and governments to mitigate cyber risks and facilitate economic growth. 

Why It Matters

Good cybersecurity requires a company to protect itself from ever-evolving adversaries who use social engineering against employees and look for holes and weaknesses in the software, systems and networks that make up a modern organization. Everything that connects to the internet presents a potential weakness that could compromise a company. Managing cyber risk is incredibly complex. It requires understanding quickly evolving adversaries and the potential impact on one’s own business with the thousands of applications and trillions of lines of code that underpin those applications.

Meanwhile, to address the growing cyber threat, governments are implementing a range of cybersecurity policies and regulations at the national and sectoral levels, often resulting in inconsistent or disparate approaches. This fragmented method forces a global company like JPMorgan Chase to build different processes and procedures for individual jurisdictions, making protecting our customers more complex.

Effective cyber risk management is fundamental to good business practice and benefits from common frameworks and shared practices. The Pledge is an important step to securing the global ecosystem, and we call on governments and industries to join us in our commitment to enhancing the security of the digital world.