A new report from GreySpark Partners, a leading global capital markets consulting firm, shows that financial firms cannot afford to relax their vigilance against cyber-attacks on any level. Providing impenetrable cyber-security in today’s vast and interconnected electronic financial services industry is a nearly impossible task, and instituting measures that provide the required level of protection is putting security teams under significant pressure. However, cyber-security is not just an IT issue and it increasingly involves business-side managers, who are becoming more instrumental in focusing investment in financial institutions.
The report, Countering Cyber-crime in Financial Services, casts a light on the range of techniques that can be used against companies and the necessary approaches that must be taken to secure the business. International criminal organisations are becoming increasingly sophisticated in their ability to exercise complex cyber-attack strategies, but not all cyber-crime against financial institutions results from technologically advanced attacks. An estimated 95% of cyber-crime is attributed to human error, and the transient nature of many individuals in the workforce means that training programmes covering the basics of cyber-security should be integral part of learning and development support for all staff. Financial institutions cannot afford to become complacent as most attackers are more likely to choose to exploit a simple vulnerability over instigating a complex cyber-attack strategy. To prevent these risks, policies and procedures must be frequently revisited by companies to ensure that organisations do not lose sight of the fundamentals of cyber-security implementation.
Rachel Lindstrom, GreySpark senior consultant, said: “Cyber-security for financial institutions must evolve as fast as the technology and techniques used to breach their defences. Organisations need to have a holistic view of their structure and its vulnerabilities, understanding the limitations of each of the security technologies they deploy. By engaging with experts who specialise in carrying out assessments and tests of cyber-security plans, financial companies can quickly and easily benefit from shared expertise.”