Financial services industry among top targets of cyberattacks

Reading time: 4 min
Share this Share on email Share on twitter Share on linkedin Share on facebook

In 2017, global spending on cybersecurity totaled about $86.4 billion, while in 2018 businesses will reportedly spend $93 billion, according to estimations from Gartner.

The financial services industry, which suffers a high risk of cybersecurity incidents, is a critical area for regulation. After vital cybersecurity obligations were instituted in 2017, US regulators released an annual report discussing the threat landscape and risks affecting the stability of the financial system. According to the Financial Stability Oversight Council, cybersecurity will be one of the top risks, alongside cryptocurrency.

“Housing finance reform legislation is needed to create a more sustainable system that enhances financial stability,” the report says.

Although measures have been taken to protect against future attacks and identity theft, “the rate of data breaches in the last year has risen from 19% last year to 24% this year,” found Thales in the Data Threat Report. In 2017, 78 percent of organizations in the financial sector have increased IT security budgets, up from 58 percent in 2016.

“While the financial sector has made substantial technological advances, it’s still tied to security solutions that worked in the past but aren’t necessarily the most effective at stopping modern attacks,” said Garrett Bekker, analyst at 451 Research.

“There are a number of data security technologies – such as encryption and key management solutions – that could arguably do a better job of protecting data, particularly data being used in cloud, big data and IoT environments,” Bekker said”

In 2014, US bank JPMorgan Chase fell victim to a historical data breach that compromised 83 million accounts. The SWIFT banking network was attacked multiple times in 2015 and 2016, inflicting millions of dollars in losses. Also, ATM hacks are no longer novel. While the hackers’ methods grow in dynamics and complexity, banks remain slow in detecting breaches, sticking more to theory than practice.

Hackers launch attacks on banks daily, and most often successfully breach the infrastructure. In spite of this, 78 percent of organizations are fully satisfied with their cybersecurity strategy and mitigation efforts, according to a report from Accenture.

Technology is an important pillar that makes the financial system work and, if proper security measures are not taken to safeguard infrastructures, the outcome could affect not only the financial services sector, but the country’s overall economy as well. To properly handle and mitigate cybersecurity risks, US regulators argue the need for strong collaboration between the government and the financial industry, especially in terms of vulnerabilities, potential threats and business implications.

Equally important is “the creation of a private sector council of senior executives that would focus specifically on ways that cyber incidents could impact business operations and market functioning and liaise with principal-level government counterparts on cybersecurity issues.”

Cryptocurrency is another issue raised by regulators, who believe it should be closely monitored, as it facilitates extortion, money laundering and terrorism financing. Afraid of its growing popularity, some governments have banned it, while others have embraced it and are looking into ways to regulate it. Regardless, it creates difficulties for the financial industry as it bypasses official guidelines and regulations.