• Ian Porteous, Regional Director, Security Engineering UK&I at Check Point Software


• 16.12.2021 05:00 pm
#Cybercriminals

The average cost of a data breach in the financial services sector now exceeds $5 million USD, nearly $2 million USD higher than the average cost across all other sectors. That’s according to a data breach report published by IBM earlier this year, highlighting the disproportionate levels of risk facing the financial services industry as businesses continue to navigate one of the most turbulent economic periods on record.

While the pandemic’s impact on all sectors has been significant, the financial services industry has been disproportionately targeted by cybercrime. According to one source, there was a 238% spike in the number of cyberattack incidents experienced by banks between February and April 2020, just months into the crisis. And according to Check Point Research, over the last six months, financial organisations in the UK have experienced an average of 409 cyberattacks a week. To date, nearly 75% of banks and insurance groups have reported spikes in cybercrime to varying degrees and according to Ponemon Institute, 57% of companies in the UK finance sector believe the pandemic has exposed employees to increased cyber risk. After a year or more of remote working and cloud migration, cyber threats are continuing to ravage the financial services sector in what could easily be described as a perfect storm of risk and vulnerability. So what are those risks, and what security strategies should businesses be considering as we move into 2022?

One of the biggest challenges reported by our financial customers has been the rapid implementation of a cloud migration strategy, particularly when it comes to regulatory and compliance concerns around public cloud adoption. Cloud innovation is only possible where budget is available, and often this budget is swallowed up by legacy systems and architecture that can be difficult to shake. Those that haven’t been able to embark on a rapid cloud transformation journey due to strained budgets are usually the same businesses that spend huge amounts of capital on “keeping the lights on” when it comes to legacy services.

As well as strategic challenges, businesses in the financial services industry are also facing increasingly sophisticated threats from bad actors. Online commerce has skyrocketed, and the number of people handing over their data to third-party financial services firms has boomed as a result. Those in the FSI sector work almost exclusively with funds, personal credentials and other sensitive customer data, all of which have tremendous value to a criminal who could hold this information to ransom, use it to redirect payments, or simply sell to the highest bidder on the dark web.

Among the biggest threats currently facing the sector are phishing scams and so-called “banking trojans”, which are evolving at pace as well as DDoS, or “distributed denial of service” attacks. In a DDoS attack, the target network is flooded with thousands, or even millions, of superfluous requests that overwhelm a company’s resources, leaving it vulnerable to attack. In June 2021, Radware reported a wave of DDoS attacks specifically targeting financial institutions.

When it comes to cybersecurity, prevention is always better than cure, so financial institutions need to be looking at all-encompassing architected solutions that provide visibility and real-time insight instead of focusing purely on remedial strategies. Rather than having a dozen siloed security solutions clumsily stitched together, businesses should instead be focusing on their security as an architecture in and of itself, consolidating patching, segmentation, audits, access controls and more into one unified set of processes. This is of particular importance today, when teams are more likely to be distributed and endpoints scattered.