Resources

Financial Institutions are Vulnerable to Cybersecurity Threats

Of the data breaches reported last year, 19% involved the financial sector, including entities such as banks, credit unions, credit card companies, mortgage and loan brokers, financial services, investment firms and trust companies, payday lenders and pension funds. While the banks and financial institutions make up less than 20% of total data breaches, breaches in the financial sector compromise significantly more information records than breaches in other sectors. 

Recent Breaches Highlight Sector Impact

Three examples of cybersecurity breaches in the financial services industry highlight the importance of financial services professionals being aware of the breadth and causes of successful cyberattacks while serving as a reminder of the need to keep their data secured at the highest standard.

Valuable Customer Data Enables Identify Theft

The reason is simple: the data held by financial institutions is highly valuable because it allows cybercriminals to perpetrate fraud for financial gain such gaining access to existing accounts, opening fraudulent accounts and obtaining lines of credits. Three critical pieces of data that the Banking and Financial Markets industry tries to protect are the customer's identity, account information, and credit card information. This information can be discovered through several data sources that banks and financial institutions routinely store in customer files.

Losing Reputation and Trust Means Losing Customers

Providing customers with a positive digital experience without compromising on security is key for banks and financial services companies in today’s market. Attacks on banks and financial services can result in significant, tangible damages such as lawsuits, legal fees, fines and fraud monitoring costs. For example, following a data breach one organization was obliged to provide affected customers with free credit monitoring for one year, and to reimburse all resulting damages.

In addition to substantial immediate costs to the organization, longer term intangible costs include the loss of customer trust from compromised personal data and potential reputation damage that could impact the company’s brand and market value

In a survey of identity theft and fraud victims, a significant number of respondents left their banks (28 percent), credit card companies (22.4 percent) and credit unions (12.3 percent) as result of unauthorized activity on their accounts.

A Regulatory Response to Financial Sector Breaches 

State governments are taking steps to ensure banks and financial institutions follow best practices in protecting customer data.  The New York Department of Financial Services (NYDFS) Cybersecurity Regulation, also known as the 23 NYCRR Part 500. The regulation puts more accountability for cybersecurity breaches on senior executives of financial services companies operating in New York City.

Just this single regulation is estimated to affect around 1,900 businesses in the Banking and Financial Markets industry. Firms are required to perform regular audits and employee training activities to comply with the regulation.

These institutions are subject to the cybersecurity requirements published by the NYDFS. There are 22 provisions in total, each relating to data protection.  As per the requirements, financial institutions must perform risk assessments in order to identify loopholes and ensure that nonpublic information and information systems are safe from unauthorized access. These may include risk-based authentication, multi factor authentication, and biometric authentication.

To address these needs, the size of the cybersecurity market servicing the financial sector is growing at a rapid pace and is projected to exceed $68 billion by 2020.

Recognize Risk and Take Steps To Mitigate

Financial institutions will continue to face ongoing cybersecurity threats. Cybercriminals will continue to seek out and find new ways to infiltrate your organization’s network. The goal might be to steal customer data or money.  Regardless of the goal, the methods cybercriminals employ are constantly evolving and becoming more sophisticated and potentially damaging. 

To properly respond, financial institutions must be prepared to adapt and redirect at every turn to counter both these evolving threats and from old proven methods. It is also critical that banks and other financial institutions take steps to prepare for a cyber breach by having a data breach response plan in place.

A growing number of CEOs recognize the emergence of data breaches and cyber attacks as the greatest risk banks and financial services companies face. That is the purpose behind the development of CyCloud - CyLogic’s flagship offering. We deliver a higher level of security than any public cloud provider. Our team would be happy to discuss how to mitigate the complex challenges the banking and financial services sector faces.

The Banking and Financial Services Industry is targeted by cybersecurity attackers 300 times more frequently than other industries. Financial firms are spending on average $3,000 per employee on cyber security reflecting a three fold increase in the last four years to combat the surge of state level attacks on their data. Cybercriminals and state sponsored attacks targeting banks are becoming increasingly sophisticated, stealing sensitive customer data for a variety of fraudulent activities.

Related Posts

Get Started

Contact Us

Get In Touch

Fill out the form below and we will contact you shortly.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.