November 21, 2014 By Douglas Bonderud 2 min read

In the wake of the JPMorgan Chase breach, how do financial institutions plan to protect themselves from cybercrime? According to a sneak peek of an upcoming PricewaterhouseCoopers (PwC) report, they should spend big on cybersecurity budgets.

The preview of this report, which will be released in full on Monday, was obtained by the Wall Street Journal and covered by SC Magazine. It found that financial services companies are on track to increase their security budgets by $2 billion over the next two years. PwC’s survey asked 758 companies about their spending plans and discovered that they have already spent $4.1 billion this year to keep assets safe. Most predict a 10 percent to 20 percent jump in spending per year, or $2.6 billion more allocated for cybersecurity by 2016. But will it be enough?

Big Losers?

According to a Nov. 14 article from Financial News, financial institutions are among the hardest hit when it comes to cybercrime. Digging into the PwC preview showed that financial services companies accounted for 34 percent of all breaches through 2013, and in the past year, the number of firms reporting losses of $10 million or more increased by 140 percent. It’s no surprise; brick-and-mortar banks no longer carry any significant amount of cash on hand, making daylight robberies almost useless. Online credentials, meanwhile, give malicious actors access to a wealth of financial services, accounts and, in many cases, the ability to compromise a consumer’s entire online identity.

Moreover, tracing these attacks is problematic, meaning cybercriminals often face less risk. To protect valuable networks and assuage customer fears, banks need a plan. Right now, that plan is to invest heavily in security experts and consulting firms that offer cyberdefenses specifically designed for the financial services industry.

Solid Planning

As noted by a recent MSPmentor article, banks aren’t alone when it comes to increasing cybersecurity budgets. Seventy-five percent of chief information security officers surveyed across multiple industries said they expected their cloud security budgets to dramatically increase over the next five years. What’s more, almost half of the respondents believed a major cloud provider would suffer a “significant security breach” in the same period. Just like financial institutions, other enterprises are coming to grips with the new nature of cybersecurity. Companies must assume they are next in line for a breach rather than pretend it can’t happen.

Will all this spending pay off? It depends. Money alone isn’t enough to solve the problem of cybercrime. Financial institutions must invest in solutions that can actively scan for threats, take immediate action and prevent further intrusion, all without bogging down the network.

More from

How cyber criminals are compromising AI software supply chains

3 min read - With the adoption of artificial intelligence (AI) soaring across industries and use cases, preventing AI-driven software supply chain attacks has never been more important.Recent research by SentinelOne exposed a new ransomware actor, dubbed NullBulge, which targets software supply chains by weaponizing code in open-source repositories like Hugging Face and GitHub. The group, claiming to be a hacktivist organization motivated by an anti-AI cause, specifically targets these resources to poison data sets used in AI model training.No matter whether you use…

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Getting “in tune” with an enterprise: Detecting Intune lateral movement

13 min read - Organizations continue to implement cloud-based services, a shift that has led to the wider adoption of hybrid identity environments that connect on-premises Active Directory with Microsoft Entra ID (formerly Azure AD). To manage devices in these hybrid identity environments, Microsoft Intune (Intune) has emerged as one of the most popular device management solutions. Since this trusted enterprise platform can easily be integrated with on-premises Active Directory devices and services, it is a prime target for attackers to abuse for conducting…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today