June 29, 2017

Financial Services: 9 Reasons to Increase Cyber Security Now

Cyber security in financial services has been in the news – and for good reason.

A significant 66.2% of financial organizations around the world experienced at least one cyber security attack in the last year, according to MetricStream’s 2016 State of Cybersecurity in the Financial Services Industry report.

Banks, insurance companies and other institutions in the financial services sector are a lucrative target because of the money and data they house.

The most common cyber crimes in this industry are financial fraud, identity theft, data manipulation, and persistent hacking attacks on payment systems and other systems. Crimes often result in financial losses. There is also a risk of brand and reputation damages, loss of revenue, lowered consumer confidence, and lower share prices.

What are some of the specific cyber security challenges facing the finance sector?

Access: There’s not just one way to breach a financial institution, there are several. Cyber crimes occur via mobile banking, online banking, the cloud, and other new technologies.

Regulations: Firms must comply within stringent industry, state, federal, and international privacy regulations.

Authentication: It is quite challenging to improve account security – and at the same time, simplify the digital experience for customers. Experts say non-password based authentication solutions are becoming more important.  

Insiders: Insider threats play a prominent role, according to the MetricStream survey: 48.5% of organizations reported that most cyber attacks were enabled by employees.

Network Security: The 2016 Financial Industry Cybersecurity Report showed that 95% of the top 20 U.S. commercial banks received just a ‘C’ grade or less for their network security.

Email: Cyber criminals are increasingly using email to infect targets with ransomware, deliver malware, steal credentials, and initiate distributed denial of service (DDoS) attacks. Phishing was the most common type of cyber attack in 2016.

Social Media: According to a Symantec white paper, cyber criminals are turning more to social media to gather information about individuals and companies.

Internet of Things (IoT): The IoT is still being developed for this sector. One example of how it might play out is insurance companies may start to use IoT devices to track driving behavior and align it to rates. In any case, these devices are often easily breached when connected to the internet. There are 24 billion IoT devices expected to be installed across the world by 2020.

Third Parties: There is always the potential for increased security risks when outsourcing.

Here’s how to improve cyber security in the banking industry:

  • Implement a comprehensive cyber security program. It should be integrated into risk management, comply with regulatory requirements, and utilize all the latest industry security standards.
  • Install preventative controls including firewalls, perimeter security, vulnerability testing, and intrusion prevention.
  • Make employee training a fundamental component of cyber security.  
  • Assess the security protocols and standards of third party vendors.
  • Securely dispose of confidential information that is no longer needed. Do not stockpile hard drives. Partner with a trustworthy information destruction company for secure destruction of hard drives and e-media.

Start Protecting Your Business 

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.