Data from several sources has revealed that the financial sector is doing pretty well when it comes to cybersecurity but is this leading to a sense of overconfidence?
An Accenture report based on a survey of more than 800 enterprise security practitioners, showed that financial firms stopped 81% of breach attempts in 2017, up from the 66% in 2016.
This apparent improvement is no doubt down to the financial sector being at the very top of the list of most cybercriminals desired target as well as advice from government and security firms being heeded which in turn has seen the introduction of sufficient budgets to face the challenges.
The financial sector has made significant improvements to its cybersecurity over the last few years with the report from Accenture showing that just 15% of cyber-attacks resulted in a successful breach in the first six months of 2018 compared to the 36% success rate recorded in 2017. The report also shows that 80% of those financial sector services are confident in their cyber defences, despite the fact that 1 in 7 cyber-attacks is successful and some of the most reputable financial service firms suffered a breach.
The Accenture report also confirms what Bitglass’s Financial Breach Report 2018 says, in that the number of attacks against the financial sector has increased sharply in 2018 with the number of attacks doubling from 2017 and tripling from 2016.
The seemingly strong success rate in the financial sector has not deterred cybercriminals but could see complacency setting in amongst financial firms confident that they’ve done enough to be secure.
Malicious insiders – The threat from people within an organisation was highlighted earlier in the year when a former employee at US regional banking giant SunTrust stole the data of 1.5 million of its customers. On a global scale malicious insider are the biggest threat to the financial institutions. According to IBM's 2016 CyberSecurity Intelligence Index, this is where one can find 60% of the threats to an institution. The best way to defend against such instances is to ensure that employees only have access to the data they need and implement access control policies that are adhered to.
Distributed Denial of Service (DDoS) Attacks – With the increase in the availability of botnet for hire services, anyone can launch a DDoS attack. DDoS attacks are when part of a network is targeted with an overwhelming number of requests that impact network bandwidth, causing it to either slow or crash altogether. Adding to the risks is the rapid increase in the number of Internet of Things (IoT) devices on the market. A DDoS attack can take down websites which for financial services can create panic for their customers if they’re unable to gain access to their online accounts, in turn harming the affected organisations reputation.
Ransomware – Ransomware malware that takes control of a device and encrypts the data on them in an attempt to extort money from its victims. The financial services sector is a favourite target for such attacks due to the funds and budgets at their disposal. As a result, an effective attack could prove lucrative. Paying a ransom rarely results in the encrypted data being released and will make criminals consider you to be a soft target for future campaigns. Read how to counter the Ransomware threat here
Third party and supply chain – Like other organisations financial institutions work heavily with third party partners and often have extensive supply chains. In order to keep costs down most bodies outsource services rather than create and develop in house solutions. Third party’s and supply chain members can provide alternative routes of compromise for attackers.
.CyberScore™ is an innovative software tool that helps organisations of all size and type improve their cyber security by rapidly scanning their entire network, highlighting vulnerabilities and giving expert remediation advice so they – or their IT provider – can make their networks stronger.
The benefits include -
XQ Cyber also offers a range of incident response and consultancy services such as Penetration Testing, Cyber Posture Assessments and Incident Response preparedness and testing.