In a report done by IBM last year, financial services were said to be the number one targeted industry for cyber threats, since they store sensitive data and manage money.
Because of this, financial institutions have amped up security and have looked into the root cause of data breaches.
According to a recent survey done by EY, the biggest security threat in finance may be the people you least expect: employees working internally.
“The survey, which polled 1,735 global executives, information security managers and IT leaders, found that careless employees are the most likely source of a cyberattack (named by 74 percent of respondents), followed by criminal syndicates (56 percent), malicious employees (52 percent) and hacktivists (46 percent).” Forbes reported.
The survey continued to address the strength and weaknesses found throughout these financial institution’s security plans, as well as a suggested approach to combating risk.
Heightened Senses Help Predict
The first step to protecting yourself from cyber crime is heightening your security senses through integrating new tools in order to predict a threat is approaching, whether from internally or externally components.
Out of all the respondents in the survey,
- 73% are concerned about poor user awareness and behavior around mobile devices.
- Organizations doubt that they are going to be able to continue to identify suspicious traffic over their networks (49%), to track who has access to their data (44%) or to be able to find hidden and unknown zero-day attacks (40%)
Although there are fears among executives, 68% reported that they would not increase security spending if a supplier was attacked, and 62% would not increase cyber security spending if a breach caused no immediate harm.
This proves that some organizations are not taking cyber threats seriously, or not making it a priority to stop them once they are detected.
It is common for cyber attacks to happen more than once, especially after a test attack, which often times goes undetected, or unnoticed, because it doesn’t alter the security.
As more employees become connected to devices through the IoT, it forces business leaders to monitor the “perimeter of their ecosystems“, understanding who is using what data, and where.
Resist: Confront The Problem
It is important for organizations to integrate the proper tools in order to fight cyber crime throughout the financial sector, by implementing the leaders of the company to support and activate defenses.
“Cyber resilience requires senior executives to actively take part and lead the React phase. Since 2013, 31%–32% of responders say there is a lack of executive awareness and support which is challenging the effectiveness of cyber security.”
Securing processes such as software security, security monitoring, identity and access management, and network security will further protect institutions and guard against any potential internal threats.
Once Attacked, React
Reacting to cyber security threats is the first step to showing good leadership, awareness and where the organization’s priorities are.
“Many organizations have adopted the principle of least privilege or zero trust policies, which give employees access to the minimum number of resources needed to do their jobs while promoting in-depth monitoring of data movement across the network. However, in order to notice discrepancies or unusual data movement, this approach requires the monitoring of all traffic, not just that which crosses the perimeter into the network. And since privileged users have access to the most valuable data, security best practices dictate that these accounts are monitored more closely.” Fortinet reports.
Making a significant change to an organization’s security structure, and how employees access information, will require the collaboration of different departments in the company, such as corporate security team, corporate strategists, CIO’s and CISO’s, to approach the root of the issue and make necessary changes.
Attend our FSI Transformation Assembly to learn more about how to protect your business from the growing cyber threats that happen through digital transformation.
Join experts from North America’s major financial services and insurance organizations like Keynote Speaker Scott Dillon, EVP, CTO and Head of Technology Infrastructure Services at Wells Fargo and Company. www.wellsfargo.com
Reserve your seat today by filling in this form!