A look back on 2018 shows the financial services industry turned out to be the most at risk, with security incidents and breaches skyrocketing. Top threats to the financial services industry include cloud security and third-party risks, while the most prevalent techniques are DDoS, social engineering, spear-phishing, ransomware and insider threats, according to a Bitdefender white paper.
In the wake of increased sophisticated attack schemes on banks and financial institutions in general, leveraging digital transformation and little-to-no investments in IT security tools, financial companies in the US plan to boost spending on safeguarding infrastructures in 2019, Bloomberg reports, citing a survey by data security company Thales eSecurity. Approximately 36 percent suffered a security incident or detected unauthorized access in their infrastructure in 2018, up from last year’s 24 percent.
The current annual spending averages $1 billion by big names in the industry such as Equifax Inc and Anthem Inc, with budgets boosted right after major data breaches that affected millions of customers. This increase is up by 6% from last year’s 78%.
As many as 84 percent of senior security officers say they will undertake a serious budget push in this direction, as investments so far are apparently not be enough. An important roadblock could be not so much the amount itself, but prioritization of actual investment. Thales found that companies don’t spend enough on network and data security as it is not the top priority it should be. Instead, companies chose to focus on securing personal computers.
“The emphasis needs to shift to protecting data,” Andy Kicklighter, Director of Product Marketing, said in an interview. “Companies are afraid that data protection will disrupt their business, but that’s a concern of yesterday. There are a multitude of solutions today that won’t disrupt or slow down regular business while protecting the data.”
IT security professionals from the US and Europe complain of extreme difficulty in covering security operations due to a number of critical issues. As per Bitdefender’s survey of over 118 companies, a critical lack of industry specialists, IT tools, budget and even knowledge constitute top roadblocks facing financial organizations. Almost half of respondents in the study said their company was breached at least once in 2018, and almost 60 percent have experienced an advanced attack or seen signs of suspicious behavior in their infrastructure.
Financial services organizations have to adapt to the fluctuations of the security landscape or face the consequences. As a solution, over 80 percent trust EDR-like tools as a solid option to fend off attacks. Systems need robust protection at the hypervisor level to prevent attacks, which can be achieved through multiple lines of defense that will eliminate blind spots and provide advanced threat protection. Additional layers of protection can ensure optimal infrastructure protection by increasing infrastructure visibility and stopping attacks before they even take place, without affecting system performance. Other measures they could take to protect their networks include workshops for employees to understand security threats and help them recognize attacks such as social engineering attempts, as well as investing in network and cloud security and bolstering security teams.