Most Large Financial Firms Have Been Attacked In The Past Year

No matter how much technology progresses, malware continues to be a consistent menace that criminals use and they have been improving its effects. Ransomware also continues to plague organisations, with 43% of respondents having experienced an attack and 80% of respondents believing they will experience another attack within the next 12 months. 

Over 60% of large financial services (FS) firms have suffered a cyber attack in the last year, according to new research released from data security provider HelpSystems. Although most FS organisations have increased their cyber security investment over the previous 12 months, the attacks continue.

The main investment priorities for CISOs over the next 12 months include secure file transfer (64%), protecting the remote workforce (63%) and cloud/Office365 (56%).

Reports have confirmed patterns throughout this year, that the COVID-19 pandemic has exacerbated the risk from cyber-attacks. Indeed a survey of 250 CISOs and CIOs from FS firms across the world, revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. 

There are countless examples of cyber attacks where this weakness was exploited, highlighting just how hard it can be to keep an organisation secure in our interconnected world.

  • 47% of FS firms have increased the investment in secure collaboration tools, a sign of the surge in reliance on tools that facilitate remote working. The report further revealed that securing the remote workforce has become a ‘key objective’ for 42% of the surveyed firms.

Meanwhile, the survey found that over 92% of these FS organisations increased their cybersecurity investment over the previous 12 months, 26% quite significantly so.

“It’s a highly challenging cyber security landscape for the financial services sector, with many CISOs focused on battling day-to-day threats alongside trying to achieve broader strategic objectives,” says HelpSystems CEO Kate Bolseth.... But of equal importance, especially for longer-term strategic goals, is ensuring the right processes are in place and educating and training employees.”says HelpSystems CEO Kate Bolseth

Security weaknesses in the supply chain and the proliferation of remote working situations were identified as the two threats with the most potential to cause damage in FS firms, at 46% and 36% respectively.

  • The research also found that around one-third of respondents had reacted quickly to update their regulatory best practices, while 46% had re-evaluated their cybersecurity training and policies to better reflect the increased home working.  
  • Almost half of the respondents felt COVID-19 had accelerated changes that were already in discussions, such as a move to Office 365. Such changes form part of broader digital transformation strategies, which was seen as the main challenge facing FS firms, according to HelpSystems.
  • Perhaps most alarming is the widespread and long term impact a malware attack can have on an organisation. Respondents indicated increased cost of security (59%), productivity loss (57%), system downtime (50%), and IT security strategy revisions (48%) as a few of the major consequences of an attack.

“Cyber-attacks are growing in volume and severity, so FS firms need to not only protect the organisation against day-to-day threats, but also make the transition to digital, meet regulatory demands, and secure a remote workforce in the light of COVID-19.”says Bolseth

Nearly half of all companies spoken to felt that Covid-19 has accelerated changes that were already in discussions, such as a move to Office 365. These changes now form part of broader digital transformation strategies, which was seen as the main challenge facing Financial Services in the future.

Help Systems:       Core Security:     Security Brief:        Security Boulevard:    PR Newswire:

You Might Also Read:

Malware Versus Ransomware: What’s the Difference?:

 

« Cyber Security For Home Working
Is AI The Future of Cyber Security? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Ciklum

Ciklum

Ciklum provide specialist software QA and testing services including Security QA and Performance QA, QA Automation and Manual QA.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

Procilon Group

Procilon Group

Procilon Group specialize in the development of cryptographic software as well as strategic advice on information security and data protection.

FFRI

FFRI

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

Czech Accreditation Institute

Czech Accreditation Institute

Czech Accreditation Institute is the national accreditation body for the Czech Republic. The directory of members provides details of organisations offering certification services for ISO 27001.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.