Why Financial Institutions Can Take the Fight to Cybercriminals
- Paul Dignan, Global Technical Account Manager at F5 Networks
- 12.08.2016 08:45 am cybersecurity
You are now 20 times more likely to have your money stolen online than by a pickpocket or mugger in the street, according to recent figures from the Office for National Statistics (ONS). The stats revealed that almost six million web fraud and cybercrimes were committed in the past year in England and Wales alone – making it the most common type of crime suffered by adults in the UK.
The ONS figures are just the latest confirmation of something we already knew – cyber fraudsters are winning the battle when it comes to digital crime. Ultimately, it is the responsibilities of businesses to lead the fightback, however, some are better placed than others to do this than others.
Financial services - In the cross-hairs
Companies in all sectors are struggling to protect themselves from the range of potential attack vectors out there. Arguably, financial services (FS) organisations across EMEA are the most exposed. These businesses have the most high-profile, high-value assets on the internet. For example, the millions of current accounts banks look after for their customers. For this reason, the financial sector is always going to be a primary focus for hackers looking to cash in on vulnerabilities.
According to a separate striking report published by KPMG, this explains why as many as 8 in 10 financial institutions have experienced a cyber attack in the past two years, leading to many personal bank accounts being compromised.
It is imperative financial institutions invest in cyber security techniques and lead the fight against cybercrime. As a highly targeted sector, FS organisations are also in the best place to learn about the threats and display best practice in terms of resisting future attacks.
Opportunity calls
Aside from avoiding the loss of sums that can run into the millions (or even billions if the infamous Bangladesh bank heist earlier this year had been completed as planned), there are further incentives to invest in cyber defences. Banking customers are increasingly mindful of cyber security performance. In the above mentioned KPMG survey, nearly half (48%) of customers listed cyber security attacks as a factor in switching to a different provider. This is particularly the case for Millennials, the future customer core for banks. A recent US study suggested 29% of generation Y customers would close their account in the event of any security breach, regardless of the circumstances or the bank’s response.
While these figures might send shivers down the spine of financial decision makers, they also represent a real opportunity to solidify trust with customers by demonstrating that security is a strategic imperative and that they are taking every possible precaution.
Time for action
The technology exists to begin the fightback and tackle this multi-faceted threat landscape. As online banking and digital transactions has become the prevalent form of money management and payments, cyber security techniques have evolved in line with these advances. Current solutions include malware protection, anti-phishing, real-time encryption of data, as well as man-in-the-browser attacks, allowing financial institutions to cover all bases.
One particular area the industry can improve on is sharing its insights. Too often organisations take the decision to stay quiet and sweep incidents under the carpet. While this is understandable, sharing details of hacks and how incidents unfolded will benefit them in the long run, as the industry learns about new forms of cyber-attack and best practices faster. Furthermore, financial organisations that take the lead on this sharing approach will likely curry favour with customers who will see them as taking cyber security seriously.
Like it or not, financial institutions are top of the menu for cyber attackers. With ample resources and existing know-how, the financial sector can shine a light for other industries and help us win the war on cybercrime.