The Question of Cyber Security in Financial Sector
Financial institutions (banks and insurers) rise up with the dubious honor of being one of the priority targets for cyber criminals. These organizations suffer an average of 125 intrusions a year, three times more than six years ago. Thus cyber security in financial sector has become the top priority to address.
Victims of increasingly sophisticated attacks, financial companies are facing devastating consequences. In addition to revenue losses, these altercations are undermining the integrity of data and customer assets, impacting the reputation of the affected institutions. In this context, a study on international B2B reveals that organizations suffer, on average, losses close to one million dollars ($ 926,000) for each incident of cyber security.
With regard to the budgets that financial institutions allocate to combat this type of attack, these are varied. Thus, when it comes to dealing with a Denial of Service (DDoS) attack, investments exceed € 250,000, compared to the almost $ 100,000 reserved for a ransomware-type incident. There is no doubt that the damage caused by cyber-attacks is unfortunate, so adopting pragmatic measures to protect against such incidents is vital for companies in general, and for financial companies in particular.
Examples of Attacks Suffered by Financial Institutions
In general, the world of finance has been less affected than other sectors by common forms of cyber-attacks such as malware. However, this market has been particularly exposed to targeted attacks and DDoS.
During 2016, cyber criminals stole $81 million from Bangladesh Bank through the use of a malicious code detected by ESET as a variant of Win32 / Agent.XZH. It is a highly complex code that presents sophisticated functionality and allowed cyber criminals to access the messaging software used by more than 11,000 banks and financial institutions in more than 200 countries known as SWIFT Alliance Access.
There has also been a sharp increase in the number of users infected by banking Trojans, whose primary objective is the theft of customer data. Finally, financial institutions are also affected by targeted phishing, social engineering, and backdoors that allow cybercriminals to infiltrate information systems with complete confidentiality.
Implementing appropriate defense strategies
As a result of this type of incidents, the certain thing is that the cyber security now supposes a greater preoccupation for the directors of the main banks and insurance companies. This fact is reflected, mainly, by the increase that the budgets have suffered for the security of Information Systems in recent years.
However, and although they are already well equipped with established solutions, banks must go one step further in order to take advantage of the benefits that new approaches, such as artificial intelligence or analytical technologies, offer. These technologies will help them improve their existing agreements and improve their security levels, allowing them to actively protect themselves against new threats while moving forward with confidence and success in their digital transformation.
Certainly, in an area as sensitive as banking and insurance, companies must protect themselves by choosing reliable technologies, whose reliability and robustness is reflected in certification and classification at the highest level.