Who Can You Trust With Your Data?

In a recent survey of some 70,000 consumers across the US, Singapore, UK and Australia, security company Imperva found that just 37% of respondents trust financial services firms to keep their data safe. And it appears that many of us are becoming desensitised to cyber security risks with half of those polled said they couldn’t keep track of the security posture of the organisations they work with.

Another report in January 2022 from UK consumer group Which? suggest that there may be good reasons for concern.

The report accused many UK retail banks of leaving their customers exposed to fraud by neglecting to implement security measures such as website protections and allowing users to set insecure passwords.

Which?’s investigation, conducted with security firm 6point6, tested the online and mobile app security of the UK’s 15 largest current account providers, measuring criteria such as encryption and protection, login, and account management and navigation. 

Cyber attacks on the finance sector are not new, but as large banks and institutions bolster their defences, cyber criminals have turned their attention to high-net-worth individuals and the wealth management industry. A 2020 online survey of 200 family office executives, carried out by Boston Private, an investment group with $14bn under management, found that 26 per cent had suffered a cyber attack. The Boston Private survey found only 31 per cent of smaller family offices had implemented cyber security measures, versus 60 per cent of larger operations.

The most common cyber attack on family offices is phishing and criminals are becoming increasingly sophisticated when it comes to sending fake messages requesting financial information or convincing their victims to make payments to rogue bank accounts. They will often spoof or manipulate email accounts to impersonate genuine payees. An email like this nearly cost a wealthy British art collector £6m when cyber criminals managed to impersonate a genuine art dealer, with whom the collector had been negotiating for a year.

Reasons To Be Fearful 

While money is the big motivator for cyber attacks on financial institutions and wealthy individuals, it’s not the only target.  Financial and personal data in many structured and unstructured forms is worth a lot of money to hackers who can ransom it or sell it for identity theft and phishing. The threats were compounded further through the pandemic with so many people suddenly working from home. Connecting to a network remotely from new devices is risky and if just one endpoint is compromised, it can provide a back door into the whole network. Then there is the human factor, without doubt, the weakest cybersecurity link in any organisation. And while financial organisations invest in security awareness training, someone somewhere is always going to click on a malicious link or open a rogue document. Most recently, the invasion of Ukraine and increasingly unstable global geopolitics has heightened the risks of attacks from state-sponsored criminal groups.

Time For A Change

The traditional way to mitigate these risks is to try to identify and then block malicious activities using anti-virus software and more recent techniques such as threat intelligence centres, endpoint telemetry, zero-trust and user behaviour analysis. But cybercriminals have a habit of being one step ahead and while anti-malware vendors try to keep up, mainstream security is always one step behind.

So, why bother trying to identify anything malicious? A better way is to simply block all unauthorised processes from executing. In a business and financial environment, there is generally no reason for a previously unknown application, executable or script to run. If it is not on your list of authorised processes, then it should simply be blocked. A bit like the bouncer on the door. If you’re not on the list, you won’t get in. Using this approach, ransomware attacks on banks and financial institutions can be prevented before any damage is done. 

The other mainstream approach to preventing data theft is to layer up defences to stop cyber criminals from getting in. But a compromised user account will pass all these tests, granting the ‘authorised’ user easy access to data, which can be extracted to the endpoint and then stolen by copying it externally. 

Full disk encryption is frequently used to mitigate this problem because it encrypts your device. This is fine if you lose your laptop, but on a running system it will hand over decrypted data to every process that asks for it. And as cyber criminals can only steal data from running systems, full disk encryption cannot prevent this theft.

The answer is to encrypt all of your data, all of the time. But to work, full data encryption must be just as transparent and as easy to use and data needs to be encrypted at rest, in transit and in use no matter where it gets copied - including when it is stolen. 

This way, if cyber criminals steal data, it is useless to them, as they are unable to decrypt it – reverse ransomware you might say.

This approach also avoids the cost and hassle of deciding if data is sensitive or not. Rather than categorising data into different levels of sensitivity and treating them differently, all data is treated as sensitive. With the technology and processing power available today, encrypting everything at file level is a seamless and affordable way to protect data. Security is most effective when it is applied as close to the source as possible and you can’t get closer than the data itself. 

Adopting this data-centric approach would make a big difference and at a time of global conflict and global instability, robust security is more important than ever.

The UK's NCSC is calling for "increased cyber-security precautions", particularly for national critical infrastructure, while US President Joe Biden has called on private companies and organisations in the US to "lock their digital doors", from possible Russian cyber-attack on the US. Data-centric security goes to the heart of the problem by securing data against theft and ransom. 

Nigel Thorpe is Technical Director at SecureAge 

You Might Also Read: 

Never Trust Anything Again - The Zero Trust World:

 

« US Supreme Court Blocks Texas Law On Social Media ‘Censorship’
Deactivated Domains Used For Spear-Phishing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Credence Security

Credence Security

Credence Security (previously ARM) the regions speciality distribution company, specializes in IT security, Forensics and Incident Response.

Tenfold Software

Tenfold Software

Tenfold is the unique, centralized platform for managing user and permissions efficiently and automatically.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

Codeproof Technologies

Codeproof Technologies

The Codeproof enterprise mobility solution empowers your business to secure, deploy and manage mobile applications and data on smartphones, tablets, IoT devices and more.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

ISH Technologies

ISH Technologies

ISH provides Cybersecurity Services, IT Infrastructure Services, Cloud Computing Services, and a Tier III Data Center.

Aujus Cybersecurity

Aujus Cybersecurity

Aujas is a pure-play cyber security services company with deep expertise in Identity and Access Management, Managed Security and Security Testing services.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

Centre for Cyber Security Belgium (CCB)

Centre for Cyber Security Belgium (CCB)

The Centre for Cyber Security Belgium is the central authority for cyber security in Belgium.

eMazzanti Technologies

eMazzanti Technologies

eMazzanti Technologies provides IT consulting services for businesses ranging from home offices to multinational corporations throughout the USA and internationally.

Visible Risk

Visible Risk

The VisibleRisk Cyber Rating and Platform equips business leaders to better understand and manage cyber risk.

Bedrock Systems

Bedrock Systems

BedRock Systems is on a mission to deliver a trusted computing base from edge to cloud, where safety and security isn’t just a perception, it’s a formally proven reality.

ENSCO

ENSCO

The ENSCO group of companies provides engineering, science and advanced technology solutions that guarantee mission success, safety and security to governments and private industries worldwide.

Tromzo

Tromzo

Tromzo's mission is to eliminate the friction between developers and security so you can scale your application security program.

Riskcop Advisory

Riskcop Advisory

Riskcop Advisory LLC is a trusted name in the industry that is famous for offering top-quality cyber security solutions for small business at an affordable price.

NetCentrics

NetCentrics

NetCentrics leverages an innovative, agile, ‘what’s-next’ approach to our customers’ IT and cyber challenges.