Cyber threats to global financial systems are a given and, according to the Financial Stability Board (FSB) “a major cyber incident, if not properly contained, could seriously disrupt financial systems, including critical financial infrastructure, leading to broader financial stability implications.” The potential negative impact on the public’s trust and confidence, not to mention the significant economic costs of serious cyberattacks, could be devastating.
The COVID-19 pandemic exacerbated the issue. Since 2020, the financial sector has experienced the second-largest increase in cyberattacks, after the healthcare sector. And it makes sense: criminal activity will always “follow the money.” However, two critical factors have made finance and banking an even more appealing target since the pandemic.
- A transforming industry- Demand for online financial services was rising prior to COVID, but a global lockdown accelerated that demand. Financial institutions and banks have responded by bulking up their technology offerings while, incidentally, many tech companies have begun dipping their proverbial toes into finance and banking offerings. The subsequent instability has created a particularly vulnerable cybersecurity environment.
- Human factors- Malicious actors thrive in unstable environments, making the still-transforming finance sector a clear target for cybercriminals. Exacerbating the issue, the legions of new users interacting with online finance tools and platforms often don’t have the level of cybersecurity awareness needed to adequately protect their data.
Additionally, new compliance and regulatory requirements, a global cybersecurity talent shortage, and user expectations in terms of seamless, simple online transactions complicate the issue.
The Cybersecurity Threat Landscape
Today, a cybercriminal’s primary target is data, whether that’s an individual’s Personal Identifiable Information (PII) like Social Security number or financial account numbers, or an institution’s nonpublic market data or brokerage accounts. Malicious actors are illegally accessing that data through increasingly sophisticated means:
- Ransomware- This type of malicious software blocks access to computer systems until a ransom is paid. Financial institutions are increasingly the targets of ransomware, with nearly three-quarters of financial security leaders reporting that their companies experienced one or more ransomware attacks in 2022. In fact, in Q1 of 2022, the financial services sector experienced a 35% increase in ransomware attacks.
- Phishing- This technique allows hackers to acquire sensitive data through fraudulent solicitation in email or on a website, in which the perpetrator disguises themselves as a legitimate business or reputable person. Overall, the financial sector was the most frequently victimized by phishing in Q1 of 2022, receiving nearly a quarter of all attacks, according to the Anti-Phishing Working Group (APWG).
Financial Services Industry Response to Increasing Cyber Threats
With attacks growing more dangerous and more frequent, security leaders in finance are doubling down on their efforts to protect their organizations. The majority of companies surveyed in a study from VMware reported that they plan to boost their cybersecurity budget 20-30% in the coming year. Additionally, strategic partnerships in the private sector are bolstering the cybersecurity landscape by offering services like AT&T NetBond, a cloud networking solution that provides a highly secure, private connection between an AT&T network and an organization’s cloud resources. Further, organizations can work toward earning System & Organizational Control (SOC) compliance, which are third-party based audit reports demonstrating the adequacy of an organizations controls over security, availability, processing integrity confidentiality and privacy.
To remain sustainable, the financial services sector must forge and maintain particular vigilance when it comes to cybersecurity. As the caretakers of valuable customer and market data, financial institutions are subject to an ever-increasing number of cyber threats. With pressure from regulatory agencies and the need to protect brand reputation factoring into the mix, financial firms should feel motivated to invest the budget, time, and collaborative efforts needed to improve cybersecurity readiness, responsiveness, and resiliency in their organizations and across the industry.
At Ben, we have crafted a suite of ongoing liquidity solutions for investors in alternative assets. Our process seeks to give investors access to hard-earned investment capital, with liquidity provided from our own balance sheet. Ben proudly meets the financial services industry’s standards for cybersecurity. Contact us today to schedule a consultation with our expert team.
*Links are provided as a convenience and for informational purposes only. Some information contained in this article was provided or obtained by third parties. The sources are believed to be reliable, but accuracy and completeness cannot be guaranteed. The article is provided for informational and educational purposes only and is not a solicitation to buy, sell or exchange any securities. This information is not intended to be used as the primary basis for investment decisions, nor should it be considered as advice designed to meet the specific needs of an individual investor.