In 2017, Equifax, an American credit reporting agency, was the victim of a massive data breach. In just a couple of months, hackers stole personal/sensitive information on 147 million people. In January 2020, the FTC confirmed that Equifax would pay $425 million to the victims.
Cybersecurity in the Financial Services Market: Why It Matters
By 2025, the
global financial services market
is expected to grow to $28,529 billion. The industry remains one of the key drivers of the global economy.
In general, cybersecurity incidents continue to plague the sector, particularly following COVID-19. In fact, since the pandemic began,
74%
of financial firms have experienced a rise in cyber crime, including data breaches, ransomware and phishing, fraud, and account and money theft. The average cost of a data breach in the sector is
$5.83 million
, compared to
$3.86 million
across all sectors. For all these reasons, financial firms must become more aware of the cybersecurity threats to the financial sector.
Cybersecurity Threats to the Financial Sector
Regulatory Inaction
Regulations in the financial industry protect customers from fraud, and prevent companies from taking excessive risks. Laws like Sarbanes-Oxley (SOX) and standards like Payment Card Industry Data Security Standards (PCI-DSS) are part of this regulatory regime. Without them, financial companies and customers are vulnerable to cybercrime.
However, many financial firms face cybersecurity compliance challenges due to:
- Increased use of endpoint devices: More devices, more risks
- Cloud adoption: Data and asset sprawl make tracking and control difficult, and increases cybersecurity risks
It can also be challenging to stay updated with evolving compliance regulations.
Human Errors: Employees and Third Parties
In 2019, 53% of breached organizations revealed that human error was the primary cause of the breach (Shred-it). Many errors originate from clueless employees, using weak passwords, mis-sending email, using unauthorized software, and other poor cybersecurity hygiene practices. Careless vendors or suppliers are also a huge cybersecurity threat to the financial sector. In 2019, data breaches linked to vendors (“Supply Chain Attacks”) increased the average cost by
$207,411. Greater interconnectivity creates more entry points and exploitable vulnerabilities that introduce more cybersecurity risks.
External Threat Actors
Malicious ex-employees and external threat actors are also a serious source of cybersecurity threats to the financial sector. In 2020, 56% of attacks against financial institutions were carried out by external threat actors motivated by financial gain (Verizon), usually via:
- Credential attacks
- Phishing
- Ransomware
Social engineering attacks accounted for 81% of data breaches (Verizon), where criminals stole PII, credentials, and bank data.
State-sponsored Attacks
State-sponsored attacks are a serious concern for the financial services industry. Unlike individual attackers, their goal is not financial gain, but to steal and exfiltrate PII, financial secrets or intellectual property. The intruders break into a network, implant malware, and maintain an imperceptible presence until they can siphon off the targeted data. The good ones can even cover their tracks to avoid discovery.
Cybersecurity Strategy For Financial Institutions
Following numerous cyberattacks on financial institutions in 2020, cybersecurity in the financial industry is more vital than ever. Here are some ways financial firms can protect themselves.
Establish a Formal Cybersecurity Framework
Financial institutions can manage cybersecurity risk with a robust cyber risk management framework. Numerous tried-and-tested frameworks already exist, so they don’t need to start from scratch:
In addition, the
Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook
provides comprehensive guidelines to help financial firms improve their security and compliance.
Assess and Manage Vulnerabilities
In 2020, scanning and exploiting vulnerabilities were among the top infection vectors (IBM). As more vulnerabilities are discovered, the risk surface will grow. This is a particularly serious problem for financial institutions, since they manage massive amounts of data and money.
Other key developments that create significant cybersecurity vulnerabilities:
- Increasing number of apps in enterprise IT
- Growth of shadow IT
- Remote work
- Bring Your Own Device (BYOD) policies
- Adoption of Internet of Things (IoT) technology
To mitigate these risks, financial organisations must proactively assess and eliminate open vulnerabilities. Other strategies like regular software updates/patches and penetration testing are also crucial to boost cybersecurity in finance.
Adopt Continuous Security Monitoring
As threats evolve, financial companies are at risk of data theft, credential compromise, extortion attempts, and even espionage. This is why continuous security monitoring (CSM) is a must for effective cybersecurity in finance.
CSM is an automation-powered threat detection strategy where the IT ecosystem is continuously scanned to find security weaknesses. When gaps are discovered, alerts are sent to a
Security Incident And Event Management (SIEM) system . The approach enables companies to boost security, manage vendor risks, and improve compliance.
Manage Third-party Risks
Third-party risk management should be a component of the cybersecurity policy for financial institutions. It enables firms to identify and mitigate security risks arising from third-party vendors, partners, and suppliers. For maximum effectiveness, companies must continuously catalogue risks, assign risk levels to each vendor, verify their security posture, and use this information to guide their cybersecurity strategy. They must also limit third-party access to critical assets and data.
Invest in Employee Cybersecurity Training
Since human errors are common causes of cybersecurity breaches in the banking industry, it’s vital to build a cyber-aware workforce. Employees must be trained on the various cybersecurity risks and the best practices to prevent breaches. The program should teach them how to spot phishing schemes, strengthen password security, and guard against social engineering attacks. It should also demonstrate the risks of remote work, and how to mitigate them effectively.
Conclusion
Financial organizations are becoming an increasingly lucrative targets for cybercriminals. However, they can boost their cyber defences to evade threats and protect their assets and customers. For strong cybersecurity in finance, they must take a holistic, multi-pronged and balanced approach. This means they should invest in both technological and human solutions. Failing to do so could be catastrophic.
Share
