The Covid-19 pandemic has transformed the way businesses operate. Within a few weeks of the onset of the pandemic in early 2020, corporations had to shift to a remote working model. This change was marked by rapid adoption of cloud technologies and a significant proportion of the workforce suddenly using personal devices to access official documents. While this enabled business continuity, it also expanded the threat perimeter, making businesses more vulnerable to cyber-attacks.
The banking, financial services, and insurance (BFSI) sector is no exception. From February 2020 to April 2021, the BFSI sector experienced a 40-fold increase in cyber-attacks, including phishing, malware and ransomware.1 In 2020, the average cost of a data breach for a global financial services firm was $5.85 million, significantly higher than the average cost across all sectors.2
Within BFSI, capital market firms are likely to witness a significant impact, given that they accounted for over one-fourth of all cyber-attacks targeting the BFSI sector from January 2020 to March 2021.3 Recent technology trends in capital markets are increasing the number of participants on the enterprise network, making it more vulnerable to cyber-attacks. The adoption of open architectures, which allow corporations to quickly add, upgrade, and swap system components from third-party companies, is also making it more difficult to align cybersecurity controls across the extended enterprise network. Similarly, commercial off-the-shelf products are often cost-effective and simplify installation, but they can introduce unknown cyber risks into the enterprise network.
Top cyber risks in the post-pandemic era
CIOs and CISOs can help minimize the impact of cyber-attacks by proactively checking the key sources of these attacks. Wipro’s recent report State of Cyber Security 2020 highlighted three top sources of cyber risk for BFSI firms in the post-pandemic era:
- Unprotected services from third-party vendors
With the advent of open APIs, a number of third-party vendors have emerged as authorized service partners of leading BFSI firms. Because these vendors are granted access to confidential client data, unprotected services from these vendors have become key targets for cyber-attacks.
- Employee negligence/Unknown cybersecurity protocols
More than half of the organizations surveyed experienced cyber-attacks owing to a lack of cyber awareness or negligence on the part of their employees. This was also because, amidst lockdowns, some employees had to use personal devices that lacked adequate security.
- Over-allocation of high-risk permissions on cloud
On average, organizations grant over 95% of their employees high-risk permissions on cloud. However, employees typically use only 10% of these permissions. This inability to effectively grant, manage, and monitor permissions across a multi-cloud environment poses a serious risk to BFSI firms.
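The gap between granted and exercised permissions described above is measurable. The following is an added example (not code from the original report or from Wipro) of the check a practitioner would run: it compares what a cloud policy allows against what the principal actually did over a review window, drops grants that were never exercised, narrows wildcard grants to the concrete actions observed, and flags the unused or over-broad grants that carry the most risk. The AWS-style "service:Action" naming, the CloudTrail-like event records, the policy document and the high-risk action list are all assumptions constructed for illustration; the technique generalises to any provider whose audit log records the action and service per event.

```python
"""Least-privilege review: compare granted cloud permissions with observed use.

Added example; the policy, activity log and high-risk list below are constructed
for illustration and use AWS-style action names (an assumption).
"""
import fnmatch
import json

# Constructed policy document (AWS IAM style, assumed) for one role.
POLICY_JSON = json.dumps({
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteBucket"],
         "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["ec2:DescribeInstances"], "Resource": "*"},
    ]
})

# Constructed activity log (CloudTrail-like records, assumed) for the same role.
ACTIVITY_LOG = [
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject"},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject"},
    {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances"},
    {"eventSource": "iam.amazonaws.com", "eventName": "GetRole"},
]

# Assumed list of actions that enable privilege escalation or destruction.
HIGH_RISK = {"iam:*", "iam:CreateAccessKey", "iam:AttachRolePolicy", "iam:PassRole",
             "s3:DeleteBucket", "sts:AssumeRole"}


def granted_actions(policy_json):
    """Return the set of action patterns the policy allows (lower-cased; IAM
    action names are matched case-insensitively)."""
    grants = set()
    for stmt in json.loads(policy_json)["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt["Action"]
        if isinstance(actions, str):
            actions = [actions]
        grants.update(a.lower() for a in actions)
    return grants


def used_actions(log):
    """Map each audit event to 'service:action' form, e.g. 's3:getobject'."""
    return {f"{ev['eventSource'].split('.')[0]}:{ev['eventName']}".lower() for ev in log}


def matches(pattern, action):
    """IAM-style wildcard match: '*' and '?' are the only metacharacters."""
    return fnmatch.fnmatchcase(action, pattern)


def minimise(policy_json, log):
    """Classify every grant: keep concrete grants that were used, narrow wildcard
    grants to the concrete actions observed, drop grants never exercised."""
    grants = granted_actions(policy_json)
    used = used_actions(log)
    keep, dropped, narrowed = set(), set(), {}
    for g in grants:
        hits = {u for u in used if matches(g, u)}
        if not hits:
            dropped.add(g)
        elif any(c in g for c in "*?"):
            narrowed[g] = hits        # wildcard served only these concrete actions
            keep |= hits
        else:
            keep.add(g)
    return {"granted": grants, "keep": keep, "dropped": dropped, "narrowed": narrowed}


def high_risk_findings(result, high_risk=HIGH_RISK):
    """Unused or over-broad grants that are, or cover, a high-risk action."""
    risky = {r.lower() for r in high_risk}
    candidates = result["dropped"] | set(result["narrowed"])
    return {g for g in candidates if g in risky or any(matches(g, r) for r in risky)}


def utilisation(result):
    """Share of granted patterns that were exercised at least once."""
    return 1 - len(result["dropped"]) / len(result["granted"])


def minimised_policy(result):
    """Emit a replacement policy containing only the actions actually used."""
    return {"Statement": [{"Effect": "Allow", "Action": sorted(result["keep"]),
                           "Resource": "*"}]}


if __name__ == "__main__":
    r = minimise(POLICY_JSON, ACTIVITY_LOG)
    print(f"utilisation: {utilisation(r):.0%}")
    print("dropped:", sorted(r["dropped"]))
    print("narrowed:", {k: sorted(v) for k, v in r["narrowed"].items()})
    print("high-risk findings:", sorted(high_risk_findings(r)))
    print(json.dumps(minimised_policy(r), indent=2))
```

On the constructed data, three of the five grants were exercised, `s3:PutObject` and `s3:DeleteBucket` were never used, and `iam:*` served only `iam:GetRole`; the two findings that warrant immediate attention are the unused `s3:DeleteBucket` and the wildcard `iam:*`. Two caveats apply in practice: the review window must be long enough to capture rare but legitimate actions (quarterly or disaster-recovery tasks look unused in a short window), and the comparison here is on actions only, so resource-level scoping and condition keys still have to be tightened separately.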
In addition, aligning regulatory requirements across multiple jurisdictions (for instance, GDPR and the California Consumer Privacy Act) also remains a challenge, increasing latency in cybersecurity processes supporting operational resilience.
Developing a consistent, functional capability model based on governance, people, process and technology helps alleviate these problems and presents an integrated view of cybersecurity from a compliance perspective. Making wise use of security and compliance data to establish clear linkage between threats and risks enables firms to make more strategic decisions.
Key assets and associated processes capital market firms need to secure
In the context of capital markets, cyber-attacks typically target certain assets across the value chain, as shown in Figure 1. CISOs need to pay special attention to ensure cyber resilience of these assets.