The financial services industry is under cyberattack with threat vectors including data breaches, advanced attacks that bypass security protections, and misconfigured cloud services. Regulators across the world demand a higher standard of performance from financial firms, as do customers who require safe access to their funds in an increasingly mobile and app-driven world. The industry will remain a key target for threat actors due to money and identities being on offer, along with opportunities for financial sabotage to cripple a country. Financial services organizations must revisit the efficacy of current cybersecurity protections, invest in new solutions to address emerging threats, and build a strong security posture by following best practices.
The term “financial services organization” covers a wide range of organizations including banks (central, retail, commercial, and internet), credit unions, investment banks, insurance companies, and brokerage firms.
KEY TAKEAWAYS
The key takeaways from this research are:
• Financial services organizations are under attack from many sides
New entrant banks with new business models, the move away from in-person banking, a complex ecosystem rife with legacy technology, and the rise of cryptocurrencies create a challenging context for financial services firms.
• Traditional cyberattacks are complemented by emerging ones
Data breaches, impersonation attacks, and insider misdeeds remain rife in the sector. Emerging threats are being seen against cloud infrastructure, SaaS, cross-app access tokens, and application programming interfaces.
• Highly demanding regulatory environment
Government and industry bodies have imposed significant cybersecurity preparedness and reporting regulations on the sector, in addition to broader data protection mandates. Regulators are also pushing operational resilience.
• Threat actors find the sector alluring, and that is not expected to change
While there is money to be gained by illicit means, threat actors will keep trying. Smaller gangs are after the money, but nation-state threat actors are more interested in causing financial sabotage to destabilize a foreign enemy.
• Solutions are needed to protect and defend the sector—and its customers
Cloud services must be better protected, identity and authentication strengthened, and overprivileged access systematically reduced. Bots must be stopped, email hardened, and employees better trained to detect threats.
• Complement solutions with cybersecurity best practices
Start with an updated, context-rich cyber risk assessment for your organization, along with improved risk management frameworks internally and externally. Go beyond training and build human resilience to cope with cyberattacks.