Cybersecurity in Financial Services
Cybersecurity has been one of the top global concerns for many sectors and industries, including the financial services sector. In fact, as shown in the graph below, the financial services industry is one of the sectors most frequently targeted by malicious actors, and as cyber-attacks evolve, the situation does not seem to be getting any better. The main reason financial institutions and other organizations related to financial services are more exposed is the large amounts of money and other valuable data they manage.
Going through a cyber-attack is a different experience for every organization. There is no doubt, however, that it can have many consequences, among them financial loss, reputational damage, loss of customer trust, and potential fines. Organizations should invest in and dedicate their work to protecting their data in order to avoid such consequences and prevent unwanted events.
Organizations are not the only ones responsible for maintaining cybersecurity. In order to prevent, identify, and mitigate cyber threats, regulatory commissions and other relevant institutions are developing new security controls.
Cyber Threats to Financial Services
The most common cyber threats to financial services are:
1. Ransomware
According to a Sophos report, 55% of financial services organizations were affected by at least one ransomware attack in 2021. Ransomware is a type of malware designed to encrypt the data on devices and systems so that the user can no longer access it. The attacker then threatens the victim with the publication of sensitive information or continued blocking of access unless the victim pays a ransom.
2. Phishing
As a type of social engineering, phishing refers to the practice of sending fraudulent messages that trick recipients into sharing personal information. In the financial services sector, phishing is mostly used to obtain personal information, such as PINs, bank account numbers, credit card numbers, etc., which can later be used for malicious purposes.
3. Distributed Denial of Service (DDoS) Attack
Distributed Denial of Service, or DDoS, refers to an attempt to overwhelm an online server, service, or network with a flood of internet traffic. Attackers use this technique to make an online service unavailable and inaccessible to legitimate users: by clogging the pathway, a DDoS attack prevents regular traffic from reaching its destination.
4. Bank Drops
In order to hide their identity and location, cybercriminals frequently keep stolen funds in fake bank accounts, which they open using stolen customer data such as name, address, credit score, Social Security information, etc. These accounts are called bank drops; they are made to look legitimate so that the fraudsters can complete their illegal activities unnoticed.
5. Supply Chain Attacks
During a supply chain attack, criminals find the weakest, least secure element of the chain and attack it. They may take a more circuitous route, but the goal is the same. The National Institute of Standards and Technology identifies three common supply chain attack techniques:
- Hijacking updates
- Undermining code signing
- Compromising open-source code
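The second and third techniques in the list above are what signed updates are meant to defend against: an installing organization should accept an update only if a manifest naming the artifact's hash carries a valid signature from the vendor's pinned public key, and the delivered bytes match that hash. The following is an added illustration, not code from the original article or from NIST or PECB; it assumes a hypothetical vendor/installer split, uses Ed25519 from Go's standard library, and constructs its own sample update bytes.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Manifest describes one update artifact: its file name and the SHA-256 of its bytes.
// The manifest, not the (possibly large) artifact, is what gets signed.
type Manifest struct {
	Artifact string
	Digest   [32]byte
}

// manifestBytes is the canonical byte string that is signed and verified.
func manifestBytes(m Manifest) []byte {
	return append([]byte(m.Artifact+"\n"), m.Digest[:]...)
}

// newManifest builds a manifest for an artifact's bytes (hypothetical helper).
func newManifest(name string, artifact []byte) Manifest {
	return Manifest{Artifact: name, Digest: sha256.Sum256(artifact)}
}

// SignManifest runs in the vendor's release process, which holds the private key.
func SignManifest(priv ed25519.PrivateKey, m Manifest) []byte {
	return ed25519.Sign(priv, manifestBytes(m))
}

// VerifyUpdate runs on the installing organization's side. It accepts the update only if
// (1) the manifest signature checks against the pinned vendor public key, and
// (2) the delivered artifact hashes to the digest the signed manifest names.
// A hijacked update (tampered bytes) fails (2); a manifest re-pointed at the tampered
// bytes, or one signed with a different key, fails (1).
func VerifyUpdate(pub ed25519.PublicKey, m Manifest, sig []byte, artifact []byte) error {
	if !ed25519.Verify(pub, manifestBytes(m), sig) {
		return errors.New("manifest signature invalid: reject update")
	}
	if sha256.Sum256(artifact) != m.Digest {
		return errors.New("artifact digest mismatch: reject update")
	}
	return nil
}

func main() {
	// Vendor side: generate a key pair (in practice the public key is pinned in the installer).
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	genuine := []byte("constructed update payload v1.2.3") // constructed sample artifact
	m := newManifest("core-banking-1.2.3.tar.gz", genuine)
	sig := SignManifest(priv, m)

	// Installer side: the genuine artifact is accepted, a tampered one is rejected.
	fmt.Println("genuine:", VerifyUpdate(pub, m, sig, genuine))
	fmt.Println("tampered:", VerifyUpdate(pub, m, sig, []byte("tampered payload")))

	// Re-pointing the manifest at the tampered bytes does not help without the private key.
	forged := newManifest("core-banking-1.2.3.tar.gz", []byte("tampered payload"))
	fmt.Println("forged manifest:", VerifyUpdate(pub, forged, sig, []byte("tampered payload")))
}
```

The check is only as strong as the protection of the vendor's private key and the pinning of its public key in the installer, which is why "undermining code signing" appears as its own attack technique in the list above.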
6. Third-Party Risks
Third-party risks are risks brought to an organization by external parties, such as vendors, suppliers, service providers, etc. Compliance gaps against security standards and inadequate security controls on third-party connections increase vulnerabilities and the likelihood of attack.
Protecting Financial Services Against Cybersecurity Threats
To protect the financial services sector from various sophisticated cybersecurity threats, mitigate the risks, and increase security, organizations should start implementing cybersecurity processes and actions. The best first step any organization can take in this war is to understand cybersecurity well and be aware of the risks.
Some of the best practices and strategies to protect financial services organizations from cybersecurity threats are:
1. Cybersecurity Frameworks
Cybersecurity frameworks are documented sets of best practices, guidelines, and standards developed to manage cybersecurity. Cybersecurity frameworks can be control frameworks, program frameworks, and risk frameworks. Some of the most common cybersecurity frameworks are:
- NIST Cybersecurity Framework – is intended to protect critical infrastructure from cyber-attacks. This framework’s core cybersecurity functions are identify, protect, detect, respond, and recover.
- ISO/IEC 27001 and ISO/IEC 27002 – Part of the ISO/IEC 27000 series, ISO/IEC 27001 provides requirements for the establishment, implementation, maintenance, and continual improvement of an organization’s information security management system. ISO/IEC 27002 provides guidelines for selecting and implementing related standards, controls, and practices.
- SOC 2 – This compliance standard is a security framework that specifies safeguards to ensure the protection of customer data from unauthorized access, security threats, and other incidents.
2. Cyber Risk Management
Cyber risk management refers to an organization’s processes of identifying, monitoring, analyzing, assessing, and treating its cybersecurity threats. The first part of cyber risk management is cybersecurity risk assessment.
3. Threat Monitoring
Threat monitoring in cybersecurity is the continuous monitoring of networks and endpoints to detect threats, minimize their impact, and maximize data protection. Modern threat monitoring technologies and tools provide organizations with better network visibility, allowing them to identify any irregularity or weakness and thereby improve protection.
4. Third-Party Risk Management (TPRM)
Considering the high level of third-party risk, financial organizations need to take a new cybersecurity approach that highlights the importance of identifying, measuring, and managing all risks, including those caused by third parties.
5. Cybersecurity Culture
The human factor is crucial when it comes to cybersecurity. People tend to make mistakes, and those mistakes can have many consequences for financial services. That is why building a culture of cybersecurity in organizations can enhance cybersecurity.
Organizations need to raise awareness and influence their employees’ beliefs and attitudes toward the importance of cybersecurity. It is important that such reinforcement happens at all levels of the organization, from the leadership down to every individual, as everyone shares responsibility.
6. Response Plan
Despite being well prepared and having taken the necessary steps to protect themselves from cyber threats, organizations can still face such incidents. That is why, as in every other industry, organizations in the financial sector should develop a response plan as well. In case of an unwanted event, a response plan helps minimize both the impact of the incident and the recovery time.
About the author
Vlerë Hyseni is the Digital Content Officer at PECB. She is in charge of doing research, creating, and developing digital content for a variety of industries. If you have any questions, please do not hesitate to contact her: content@pecb.com