Ransomware Resiliency: How the Financial Services Sector Can Adopt Effective Defence Strategies to Defend Itself from Attackers
- Matt Nutt, Senior Vice President, International Sales at Veritas Technologies
- 23.08.2024 10:30 am #RansomwareResiliency #FinancialServices
Recent research shows that three in five (64%) financial services (FS) businesses have been hit by a ransomware attack in the last year. This is a jump from 55% in 2022 and the increase of cyber threats shows no sign of slowing down. The nature of the data that is held by FS organisations, from transaction data to customer details and beyond, means that the sector is a prime target for cyber attackers.
The sensitivity of this data means that the impact of a breach or attack can be significant. Once files are encrypted by successful ransomware action, organisations are left with painfully few options. Even if they choose to pay the criminals behind the attack, there is no guarantee that their data will be retrievable, and even less for this to happen without being made available publicly in some way. To make matters worse, the financial cost will nearly always be less than the potential reputational damage, which for financial services organisations is a critical business differentiator, where credibility and security are cornerstones for successful operations.
It's more crucial than ever before to prepare for the impact of a cyber-attack. Financial services companies must have the capacity to respond swiftly to any attack whilst also having the tools at their disposal to minimise its impact, in order to successfully defend from the threat of ransomware attacks.
Growing dangers
The threat posed by ransomware is not new, but it is growing in traction due to growing data volumes, and the development of contemporary technologies like artificial intelligence (AI). In fact, a recent Veritas study found that ransomware is a serious threat, particularly for financial services companies.
This research analysed the last three years of annual reports for the UK’s FTSE 100 companies, in order identify the main priority areas of the biggest enterprises. Of the industries reported on, cyber threats seem to be particularly weighing on the minds of those operating in the financial services sector. In fact, mentions of ‘cyber-attack’ in financial sector firms’ annual reports have increased by 55% in the last three years. Meanwhile, ransomware mentions were up by 88% from 2020 to 2022.
Financial services organisations have long been a prime target for hackers due to their highly regulated nature and the enormous quantities of personal data they are tasked with protecting. It seems that this threat is only growing.
Protection from the inevitable
In today’s digital landscape, it's crucial to ensure your digital infrastructure is just as protected as your physical one. When it comes to ransomware, failure to prepare really is preparing to fail. Organisations in the financial services sector require a thorough response strategy that is routinely tested, practiced, and shared with all relevant parties.
A key part of any response plan should be investment in resilient IT systems and robust risk-management processes. As well as reducing the likelihood of any disruption following an attack and improving the business’s overall ability to recover, these two elements will enable financial services organisations to develop strategies to help mitigate the impact of ransomware in the future.
However, it’s not just about investing in modern technologies. Another important part of the puzzle is to invest in the people who use them day-in and day-out. Organisations should regularly provide training to employees and all service-providing third parties on what to do and how to respond in the face of an attack. Too often, this step gets missed and key business partners do not receive updates in critical communication procedures, meaning a disjointed approach on the road to recovery.
It’s crucial that the financial sector rehearse their response plan after they have one in place. Regular stress testing is necessary to make sure that everything is operating as it should well before anything breaks. Companies should practice the plan with drills and exercises for their staff and service suppliers in addition to testing their digital solutions. By doing this, you may make sure that during an attack, everyone is aware of the plan and their specific roles and duties.
Act quickly
As ransomware attacks are on the rise, FS organisations are under increasing pressure to act fast and prepare for the inevitability of cyber threats. Having a clear response plan that integrates contemporary technologies and continuous employee training is a must. When an attack happens it is vital that everyone within the organisation understands exactly what they need to do and how to do it. In order to preserve operational resiliency and safeguard important data, cooperation and the execution of a practiced recovery plan are essential.