
Cybersecurity in Finance: Risks and Mitigation Strategies

Threat Intelligence • Aug 09, 2021

In 2017, Equifax, an American credit reporting agency, suffered one of the largest data breaches on record. Over roughly two and a half months, attackers stole personal and sensitive information on about 147 million people. In January 2020 the FTC confirmed the settlement under which Equifax would pay up to $425 million to those affected.

Cybersecurity in the Financial Services Market: Why It Matters

By 2025, the global financial services market is expected to grow to about $28.5 trillion. The industry remains one of the key drivers of the global economy.
Cybersecurity incidents continue to plague the sector, particularly since COVID-19. Since the pandemic began, 74% of financial firms have reported a rise in cyber crime, including data breaches, ransomware, phishing, fraud, and account and money theft. The average cost of a data breach in the sector is $5.83 million, compared to $3.86 million across all sectors. For all these reasons, financial firms must become more aware of the cybersecurity threats facing them.

Cybersecurity Threats to the Financial Sector

Regulatory Inaction


Regulations in the financial industry protect customers from fraud and prevent companies from taking excessive risks. Laws like Sarbanes-Oxley (SOX) and standards like the Payment Card Industry Data Security Standard (PCI DSS) are part of this regulatory regime. Without them, financial companies and their customers would be far more exposed to cybercrime.


However, many financial firms face cybersecurity compliance challenges due to:

  • Increased use of endpoint devices: more devices mean more entry points to inventory, patch and monitor
  • Cloud adoption: data and asset sprawl make tracking and control difficult, and increase cybersecurity risk

It can also be challenging to keep up with evolving compliance requirements.


Human Errors: Employees and Third Parties


In 2019, 53% of breached organizations reported that human error was the primary cause of the breach (Shred-it). Many errors originate from untrained employees: weak passwords, email sent to the wrong recipient, unauthorized software, and other poor cybersecurity hygiene. Careless vendors and suppliers are also a major threat to the financial sector. Breaches involving a third party (supply chain attacks) added an average of $207,411 to the cost of a breach. Greater interconnectivity creates more entry points and exploitable vulnerabilities, and therefore more cybersecurity risk.


External Threat Actors


Malicious ex-employees and external threat actors are also a serious source of cybersecurity threats to the financial sector. In 2020, 56% of attacks against financial institutions were carried out by external threat actors motivated by financial gain (Verizon), usually via:
 

 


Social engineering attacks accounted for 81% of data breaches (Verizon), where criminals stole PII, credentials, and bank data.


State-sponsored Attacks


State-sponsored attacks are a serious concern for the financial services industry. Unlike most individual attackers, their goal is usually not direct financial gain but the theft and exfiltration of PII, financial secrets or intellectual property (some state actors, such as North Korea's Lazarus Group, do also target banks for money). The intruders break into a network, implant malware, and maintain a persistent, low-profile presence until they can siphon off the targeted data. Capable actors also erase logs and other traces to avoid discovery.

Cybersecurity Strategy For Financial Institutions

Following numerous cyberattacks on financial institutions in 2020, cybersecurity in the financial industry is more vital than ever. Here are some ways financial firms can protect themselves.


Establish a Formal Cybersecurity Framework


Financial institutions can manage cybersecurity risk with a robust cyber risk management framework. Numerous tried-and-tested frameworks already exist, so they don’t need to start from scratch:
 


In addition, the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook provides comprehensive guidelines to help financial firms improve their security and compliance.


Assess and Manage Vulnerabilities


In 2020, scanning for and exploiting vulnerabilities was among the top initial infection vectors (IBM). As more vulnerabilities are discovered, the attack surface grows. This is a particularly serious problem for financial institutions, since they manage massive amounts of data and money.
Other key developments that expand that attack surface:
 

  • Increasing number of apps in enterprise IT
  • Growth of shadow IT
  • Remote work
  • Bring Your Own Device (BYOD) policies
  • Adoption of Internet of Things (IoT) technology

 


To mitigate these risks, financial organizations must proactively find and remediate known vulnerabilities, prioritizing by the exposure and criticality of the affected asset rather than by severity score alone. Regular patching and penetration testing are also crucial to boost cybersecurity in finance.
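The prioritization step above is where most vulnerability programs go wrong: patching strictly by CVSS score sends effort to an isolated kiosk ahead of a medium-severity flaw on an internet-facing gateway. The following is an added example, not code from the original post, showing one risk-based scheme: each finding joins an asset to a vulnerability, and a priority score combines the CVSS base score with internet exposure, asset criticality and whether a working exploit is known, then maps the score to a remediation SLA. The inventory, the weights and the SLA windows are all constructed assumptions for illustration.

```python
"""Risk-based patch prioritisation over a constructed asset inventory.

Added example (not from the original post). The findings, scoring weights
and SLA windows below are assumptions chosen for illustration.
"""
from datetime import date, timedelta

# Constructed findings: vulnerability identifiers are placeholders, not real CVEs.
FINDINGS = [
    {"asset": "web-gw-01", "vuln": "VULN-A", "cvss": 9.8, "internet_exposed": True,
     "criticality": "high", "exploit_known": True, "found": date(2021, 7, 1)},
    {"asset": "hr-intranet", "vuln": "VULN-B", "cvss": 7.5, "internet_exposed": False,
     "criticality": "medium", "exploit_known": False, "found": date(2021, 8, 1)},
    {"asset": "core-banking-db", "vuln": "VULN-C", "cvss": 6.5, "internet_exposed": False,
     "criticality": "high", "exploit_known": True, "found": date(2021, 7, 20)},
    {"asset": "kiosk-07", "vuln": "VULN-D", "cvss": 9.1, "internet_exposed": False,
     "criticality": "low", "exploit_known": False, "found": date(2021, 8, 5)},
]

# Assumed weights: exposure and a known exploit raise urgency, low criticality lowers it.
EXPOSURE_FACTOR = {True: 1.5, False: 1.0}
CRITICALITY_WEIGHT = {"high": 1.5, "medium": 1.0, "low": 0.7}
EXPLOIT_FACTOR = {True: 1.3, False: 1.0}


def priority_score(finding):
    """CVSS scaled by exposure, asset criticality and exploit availability."""
    return (finding["cvss"]
            * EXPOSURE_FACTOR[finding["internet_exposed"]]
            * CRITICALITY_WEIGHT[finding["criticality"]]
            * EXPLOIT_FACTOR[finding["exploit_known"]])


def sla_days(score):
    """Assumed remediation windows: the higher the score, the shorter the SLA."""
    if score >= 12.0:
        return 7
    if score >= 8.0:
        return 30
    return 90


def prioritise(findings, today):
    """Return findings ranked by score, each annotated with SLA, due date and overdue flag."""
    ranked = []
    for f in findings:
        score = priority_score(f)
        days = sla_days(score)
        due = f["found"] + timedelta(days=days)
        ranked.append({
            "asset": f["asset"],
            "vuln": f["vuln"],
            "cvss": f["cvss"],
            "score": score,
            "sla_days": days,
            "due": due,
            "overdue": today > due,
        })
    ranked.sort(key=lambda r: r["score"], reverse=True)
    return ranked


def overdue_assets(findings, today):
    """Assets whose SLA has already lapsed, in priority order."""
    return [r["asset"] for r in prioritise(findings, today) if r["overdue"]]


if __name__ == "__main__":
    for r in prioritise(FINDINGS, date(2021, 8, 9)):
        flag = "OVERDUE" if r["overdue"] else "ok"
        print(f"{r['asset']:16} {r['vuln']} cvss={r['cvss']:<4} "
              f"score={r['score']:6.2f} sla={r['sla_days']:>2}d due={r['due']} {flag}")
```

Note that the CVSS 9.1 finding on the isolated, low-criticality kiosk ends up last, below a CVSS 6.5 flaw on the core banking database that has a known exploit; that inversion is the whole point of weighting by context. In practice the exposure and criticality fields come from the asset inventory and the exploit flag from a threat intelligence feed, which is why an accurate inventory is a prerequisite for this approach.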


Adopt Continuous Security Monitoring


As threats evolve, financial companies are at risk of data theft, credential compromise, extortion attempts, and even espionage. This is why continuous security monitoring (CSM) is a must for effective cybersecurity in finance.

CSM is an automated approach to threat detection in which logs and telemetry from across the IT estate are collected and analysed continuously, and the estate itself is repeatedly scanned for weaknesses. When suspicious activity or a gap is detected, an alert is raised in a Security Information and Event Management (SIEM) system for triage. The approach enables companies to detect intrusions early, manage vendor risk, and improve compliance.
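To make the detect-then-alert loop concrete, here is an added example (not code from the original post) of the kind of detection logic a CSM pipeline runs before handing results to a SIEM. It reads authentication log lines, tracks failed logins per source IP across distinct user names inside a sliding window, raises a medium alert when the threshold is crossed (the signature of credential stuffing, one of the account-theft techniques mentioned earlier), and escalates to high when a login from that source then succeeds. The log format, the threshold, the window and the alert schema are assumptions; the log lines are constructed for the example.

```python
"""Credential-stuffing detection over sample auth log lines, emitting SIEM-style alerts.

Added example (not from the original post). The log format, thresholds and
alert schema are assumptions chosen for illustration.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed format: ISO timestamp, event, user=..., src=...).
# One IP fails against five different accounts in seconds, then succeeds on the fifth.
SAMPLE_LOG = """\
2021-08-09T09:00:01Z LOGIN_FAIL user=alice src=203.0.113.7
2021-08-09T09:00:03Z LOGIN_FAIL user=bob src=203.0.113.7
2021-08-09T09:00:05Z LOGIN_FAIL user=carol src=203.0.113.7
2021-08-09T09:00:06Z LOGIN_FAIL user=dave src=203.0.113.7
2021-08-09T09:00:08Z LOGIN_FAIL user=erin src=203.0.113.7
2021-08-09T09:00:09Z LOGIN_OK user=erin src=203.0.113.7
2021-08-09T09:05:00Z LOGIN_OK user=frank src=198.51.100.4
2021-08-09T09:30:00Z LOGIN_FAIL user=grace src=192.0.2.10
2021-08-09T09:31:00Z LOGIN_OK user=grace src=192.0.2.10
"""

WINDOW = timedelta(minutes=5)   # assumed sliding window
FAIL_THRESHOLD = 5              # assumed: distinct users failed from one IP inside WINDOW


def parse_line(line):
    """Split one log line into its fields."""
    ts, event, user_kv, src_kv = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "event": event,
        "user": user_kv.split("=", 1)[1],
        "src": src_kv.split("=", 1)[1],
    }


def make_alert(rule, severity, ev, users):
    """Build one alert record in the shape a SIEM would ingest."""
    return {
        "rule": rule,
        "severity": severity,
        "src_ip": ev["src"],
        "user": ev["user"],
        "observed_at": ev["ts"].strftime("%Y-%m-%dT%H:%M:%SZ"),
        "distinct_users_failed": sorted(users),
    }


def detect_credential_stuffing(log_text):
    """Return alerts for source IPs that fail against many distinct accounts
    within WINDOW, escalating when a success from that IP follows."""
    alerts = []
    fails = defaultdict(list)   # src ip -> [(timestamp, user), ...] within the window
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        src = ev["src"]
        if ev["event"] == "LOGIN_FAIL":
            fails[src].append((ev["ts"], ev["user"]))
        # Drop failures that have aged out of the sliding window.
        fails[src] = [(t, u) for t, u in fails[src] if ev["ts"] - t <= WINDOW]
        distinct_users = {u for _, u in fails[src]}
        if ev["event"] == "LOGIN_FAIL" and len(distinct_users) == FAIL_THRESHOLD:
            # Fire once, at the moment the threshold is crossed.
            alerts.append(make_alert("credential_stuffing_suspected", "medium", ev, distinct_users))
        elif ev["event"] == "LOGIN_OK" and len(distinct_users) >= FAIL_THRESHOLD:
            # A success after a spray means an account is probably compromised.
            alerts.append(make_alert("credential_stuffing_success", "high", ev, distinct_users))
    return alerts


def to_siem_json(alerts):
    """Serialise alerts as newline-delimited JSON, the usual SIEM ingest form."""
    return "\n".join(json.dumps(a, sort_keys=True) for a in alerts)


if __name__ == "__main__":
    print(to_siem_json(detect_credential_stuffing(SAMPLE_LOG)))
```

Keying on distinct user names per source, rather than on raw failure counts, is what separates credential stuffing from a single user mistyping a password (the grace login at 09:30 produces no alert). A production pipeline would stream events rather than re-read a file, and the high-severity alert would typically trigger an automated response such as forcing a password reset on the affected account.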


Manage Third-party Risks


Third-party risk management should be a component of the cybersecurity policy for financial institutions. It enables firms to identify and mitigate security risks arising from third-party vendors, partners, and suppliers. For maximum effectiveness, companies must continuously catalogue risks, assign risk levels to each vendor, verify their security posture, and use this information to guide their cybersecurity strategy. They must also limit third-party access to critical assets and data.


Invest in Employee Cybersecurity Training


Since human errors are common causes of cybersecurity breaches in the banking industry, it’s vital to build a cyber-aware workforce. Employees must be trained on the various cybersecurity risks and the best practices to prevent breaches. The program should teach them how to spot phishing schemes, strengthen password security, and guard against social engineering attacks. It should also demonstrate the risks of remote work, and how to mitigate them effectively.

Conclusion

Financial organizations are increasingly lucrative targets for cybercriminals. However, they can strengthen their cyber defences to withstand these threats and protect their assets and customers. Strong cybersecurity in finance requires a holistic, multi-pronged and balanced approach, investing in both technological and human controls. Failing to do so could be catastrophic.
