November 10, 2016 By Larry Loeb 2 min read

Two-thirds of financial institutions that responded to a recent MetricStream Research survey indicated that they had experienced a cyberattack in the past year.

Financial Cybersecurity Threats Rising

The survey queried “C-level information security professionals” associated with 60 global financial services firms of various sizes and segments, including banking, insurance, asset management, diversified financials, investment services and foreign exchange services.

The survey suggested that insider threats continue to play a prominent role in the financial cybersecurity landscape. In fact, 48.5 percent of respondents reported that most cyberattacks were enabled by employees.

Where the Money Is

Cybercriminals love to target the financial industry because, quite simply, that’s where the money is. In response to this persistent threat, 91.2 percent of survey participants reported formally introducing cybersecurity into their enterprise risk management (ERM) program.

The specifics of the cybersecurity components in those ERM programs may need to change over time. The financial industry has its own particular security risks and regulatory frameworks to respond to them. Any security best practices evolve over time. so it’s a good idea to review them regularly as they apply to the institution.

For example, any evaluation of the risk management program should consider current information about the various threats that security professionals might find when they remediate an attack. It’s critical to know specifically what works and what doesn’t with respect to the institution’s situation.

Third-Party Protection

You don’t have to do all the heavy lifting in-house. Unsurprisingly, 70.6 percent of respondents reported that third parties played a role in their ongoing security efforts.

Security-as-a-service may be a very useful specialization for some organizations. Rather than being forced by necessity to build its own in-house expertise, a company can simply buy it as a package from a vendor and rely on round-the-clock servicing to protect their assets. They might need it, too: 55.9 percent of respondents reported an increase in attacks from previous years, while just 2.9 percent said that threats were decreasing.

Almost all agree that financial cybersecurity is a necessity in today’s world, but how those affected organizations go about achieving security is up in the air. Leveraging outside expertise and running risk management programs are only the tip of the iceberg.

More from

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today