How to defend against cyber attacks
Here’s the good news: The financial sector is one of the most regulated and mature industries when it comes to cybersecurity.
After some high-profile breaches, financial organizations are re-establishing governance for security with clearer executive reporting structures. About 22% of Chief Information Security Officers (CISOs) are reporting straight to the CEO.*
Thanks to digital transformation programs, companies are dedicating more of their IT budgets on security. Twenty-three percent of BFSI organizations have a security budget greater than 10% of their IT budget.*
For organizations that have their security governance in place, security budgets fixed and allocated, security products and services on the go, the next step is measurement. Over 60% of organizations in the banking and financial sector track patch management and vulnerability scanning coverage, mean-time to incident recovery, mean-time to detect vulnerabilities and regulatory compliance, and time-to-detect and remediate incidents.*
The security practices of financial institutions have evolved. The security landscape is changing in various practices like data security, application security, API security, network security, end-point security, security monitoring & analytics, and cloud & IoT security. Security assessments for every application in build/release cycle took the top spot for BFSI vertical during the last year.*
Financial institutions understand the need to be cyber resilient and strive to instill cybersecurity within the culture of the organization. Their employees are empowered with knowledge in order to prevent unintentional insider threats and avoid negligence. The most significant step followed by 80% of organizations is to have security policies and formal disciplinary processes in place. This is no surprise, since this is one of the most heavily regulated industries and a breach could involve a direct financial consequence.
Winning the war
New technologies like cloud and IoT are increasing vulnerabilities for financial institutions, and attackers around the world are arming themselves to wage war. Now more than ever, it is crucial for organizations to heighten their level of preparedness and strive to achieve proactive resilience.
Financial institutions have been early adopters of emerging cyber technologies or controls to counter new threats. But it’s vital to review cyber resiliency practices consciously to protect against the onslaught of attacks headed their way.