Most Large Financial Firms Have Been Attacked In The Past Year

No matter how much technology progresses, malware continues to be a consistent menace that criminals use and they have been improving its effects. Ransomware also continues to plague organisations, with 43% of respondents having experienced an attack and 80% of respondents believing they will experience another attack within the next 12 months. 

Over 60% of large financial services (FS) firms have suffered a cyber attack in the last year, according to new research released from data security provider HelpSystems. Although most FS organisations have increased their cyber security investment over the previous 12 months, the attacks continue.

The main investment priorities for CISOs over the next 12 months include secure file transfer (64%), protecting the remote workforce (63%) and cloud/Office365 (56%).

Reports have confirmed patterns throughout this year, that the COVID-19 pandemic has exacerbated the risk from cyber-attacks. Indeed a survey of 250 CISOs and CIOs from FS firms across the world, revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. 

There are countless examples of cyber attacks where this weakness was exploited, highlighting just how hard it can be to keep an organisation secure in our interconnected world.

  • 47% of FS firms have increased the investment in secure collaboration tools, a sign of the surge in reliance on tools that facilitate remote working. The report further revealed that securing the remote workforce has become a ‘key objective’ for 42% of the surveyed firms.

Meanwhile, the survey found that over 92% of these FS organisations increased their cybersecurity investment over the previous 12 months, 26% quite significantly so.

“It’s a highly challenging cyber security landscape for the financial services sector, with many CISOs focused on battling day-to-day threats alongside trying to achieve broader strategic objectives,” says HelpSystems CEO Kate Bolseth.... But of equal importance, especially for longer-term strategic goals, is ensuring the right processes are in place and educating and training employees.”says HelpSystems CEO Kate Bolseth

Security weaknesses in the supply chain and the proliferation of remote working situations were identified as the two threats with the most potential to cause damage in FS firms, at 46% and 36% respectively.

  • The research also found that around one-third of respondents had reacted quickly to update their regulatory best practices, while 46% had re-evaluated their cybersecurity training and policies to better reflect the increased home working.  
  • Almost half of the respondents felt COVID-19 had accelerated changes that were already in discussions, such as a move to Office 365. Such changes form part of broader digital transformation strategies, which was seen as the main challenge facing FS firms, according to HelpSystems.
  • Perhaps most alarming is the widespread and long term impact a malware attack can have on an organisation. Respondents indicated increased cost of security (59%), productivity loss (57%), system downtime (50%), and IT security strategy revisions (48%) as a few of the major consequences of an attack.

“Cyber-attacks are growing in volume and severity, so FS firms need to not only protect the organisation against day-to-day threats, but also make the transition to digital, meet regulatory demands, and secure a remote workforce in the light of COVID-19.”says Bolseth

Nearly half of all companies spoken to felt that Covid-19 has accelerated changes that were already in discussions, such as a move to Office 365. These changes now form part of broader digital transformation strategies, which was seen as the main challenge facing Financial Services in the future.

Help Systems:       Core Security:     Security Brief:        Security Boulevard:    PR Newswire:

You Might Also Read:

Malware Versus Ransomware: What’s the Difference?:

 

« Cyber Security For Home Working
Is AI The Future of Cyber Security? »

Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Systancia

Systancia

Systancia offer solutions for the virtualization of applications and VDI, external access security, Privileged Access Management (PAM), Single Sign-On (SSO) and Identity and Access Management (IAM).

Malta Information Technology Agency (MITA)

Malta Information Technology Agency (MITA)

MITA is the central driver of Government Information and Communications Technology (ICT) policy, programmes and initiatives in Malta.

BGD E-GOV CIRT

BGD E-GOV CIRT

BGD e-GOV CIRT's mission is to support government efforts to develop ICT programs by establishing incident management capabilities within Bangladesh.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

Cybersecurity Competence Center (C3)

Cybersecurity Competence Center (C3)

The Cybersecurity Competence Center was created to further strengthen the Luxembourg economy in the field of cybersecurity.

Get Safe Online

Get Safe Online

Get Safe Online is a leading source of unbiased, factual and easy-to-understand information on online safety.

Center for Cyber & Homeland Security (CCHS

Center for Cyber & Homeland Security (CCHS

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

Conduent

Conduent

Conduent delivers mission-critical technology services and solutions on behalf of businesses and governments. Solution areas include digital risk and compliance.