Cybercrime is a lucrative business and criminals are increasingly targeting the financial sector in their quest for quick financial reward. As cyberattacks continue to grow in both frequency and sophistication across all industries, the financial sector in particular is under relentless attack from hackers, falling victim to cyber security incidents around 300x more than other industries. This sector also sees the highest cost for cybercrime at $18.3 million for the average business.
Whilst cyber threats vary in their approach and impact, data exfiltration, malware, phishing, and DDoS, are most prevalent with attackers who are focussed on obtaining access to confidential transactional data, user account information and gaining control over transactional systems with the intent to steal funds or disrupt operations.
Crime does pay
Unfortunately, selling stolen personal information and credentials on the Dark Web does pay, and with its reliance on confidential customer data to conduct business, the financial industry will always be a prime target for cybercriminals. When a breach does occur, the risks are multiplied when you consider the number of users involved. Take for example the 2017 Equifax breach which affected more than 143 million consumers.
Mobile banking poses its own set of challenges for the industry. With customers becoming increasingly reliant on mobile apps and online web portals to complete transactions, banks and other financial businesses must develop new technologies to accommodate the demand, therefore increasing their exposure and level of risk. Mobile malware, third party apps, unsecured wi-fi and precarious customer behaviour pose significant risk to mobile banking, and it’s important to note that the financial institution owns that risk, regardless if they use a proprietary or third-party mobile banking application.
It’s fair to say that there are only two kinds of financial services firms out there: those that have faced a cyberattack and those that will. We know that security breaches are inevitable, and they will lead to lost revenue, GDPR and other regulatory fines, loss of customers, operational interruptions and reputational damage that can take years to repair.
A Layered Strategy
The cyber threat landscape today is infinitely more sophisticated than just a few years ago and it’s evolving quickly. Cybercriminals are always looking for new ways to attack so financial organizations must embrace new technology to defend against them. The days of relying on firewalls and Antivirus to prevent these attacks are well and truly behind us. To protect against modern-day threats, a preventative multi-layered defense system focussed on preventing data loss, data profiling and data collection is required.
Cyberattacks and data breaches are inevitable, and hackers will find their way in, but with a preventative approach to cybersecurity these threats can be eliminated before the damage is done. Gartner estimates that companies globally could incur $5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, so all businesses, particularly those in the financial sector simply must prioritize cyber defense.