This article discusses:  

• Why financial services companies are particularly at risk for data breaches
• Vulnerabilities created by new technologies (cloud, blockchain, IoT)
• How financial services companies can take proactive measures

The financial services sector faced 348 significant publicly reported cybersecurity breaches during last year, with personally identifiable information (PII) and financial record data being the most sought after^.*.

Cyberattacks have moved on from traditional techniques and have become more targeted and sector-specific. The IntSights alerts data for the year gone by, highlights that retail (10%), automotive (8%) and financial services (8%) were among the most targeted sectors^.*.

Financial sector under cyber attack

Due to the nature of the data it holds, the banking, financial services and insurance (BFSI) sector is one of the most regulated and mature industries when it comes to cybersecurity. Digitalization has transformed multiple channels and enhanced user experience. Figure 1 lists the major cybersecurity-related trends in the financial services industry.

Attacks are growing more sophisticated

Cyber attackers have become more sophisticated, engineering targeted strikes resulting in a higher breach rate. They are operating in stealth mode making detection more difficult. Figure 2 shows the split of data breaches across various verticals, last year. Healthcare and BFSI saw the greatest number of breaches. Twenty percent of significant publicly recorded data breaches were from the financial services sector^.*

Attackers get intelligence around their targets’ assets, suppliers and defenses, to carry out sophisticated attacks successfully. From identifying company and employee assets to analyzing the vulnerabilities in the defense layer, attackers are leaving no stone unturned.

Financial services are known targets of phishing attacks with elements of social engineering. The use of fake profiles to phish bank clients’ credentials and data is a well-known practice of hackers and scammers. In addition, whaling attacks that target CEOs and other C-level executives within the corporate hierarchy have become prominent.*

Attackers are developing custom kits and exploits for targeted attacks, bringing in the element of surprise. Cryptominer attacks have grown significantly in the last one year. As existing vulnerabilities are mitigated, attackers will aggressively migrate to new tactics, keeping the ball rolling.

How to defend against cyber attacks

Here’s the good news: The financial sector is one of the most regulated and mature industries when it comes to cybersecurity.

After some high-profile breaches, financial organizations are re-establishing governance for security with clearer executive reporting structures. About 22% of Chief Information Security Officers (CISOs) are reporting straight to the CEO.*

Thanks to digital transformation programs, companies are dedicating more of their IT budgets on security. Twenty-three percent of BFSI organizations have a security budget greater than 10% of their IT budget.*

For organizations that have their security governance in place, security budgets fixed and allocated, security products and services on the go, the next step is measurement. Over 60% of organizations in the banking and financial sector track patch management and vulnerability scanning coverage, mean-time to incident recovery, mean-time to detect vulnerabilities and regulatory compliance, and time-to-detect and remediate incidents.*

The security practices of financial institutions have evolved. The security landscape is changing in various practices like data security, application security, API security, network security, end-point security, security monitoring & analytics, and cloud & IoT security. Security assessments for every application in build/release cycle took the top spot for BFSI vertical during the last year.*

Financial institutions understand the need to be cyber resilient and strive to instill cybersecurity within the culture of the organization. Their employees are empowered with knowledge in order to prevent unintentional insider threats and avoid negligence. The most significant step followed by 80% of organizations is to have security policies and formal disciplinary processes in place. This is no surprise, since this is one of the most heavily regulated industries and a breach could involve a direct financial consequence.

Winning the war

New technologies like cloud and IoT are increasing vulnerabilities for financial institutions, and attackers around the world are arming themselves to wage war. Now more than ever, it is crucial for organizations to heighten their level of preparedness and strive to achieve proactive resilience.

Financial institutions have been early adopters of emerging cyber technologies or controls to counter new threats. But it’s vital to review cyber resiliency practices consciously to protect against the onslaught of attacks headed their way.