The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.
A study by Generali Global Assistance (GGA) and Identity Theft Resource Center (ITRC) says that 8.5 percent of the total of 1,579 data breaches in 2017 in the US affected financial services businesses such as credit unions, banks and pension funds. In 2017, data breaches increased by 44.7 percent, while “financial services firms fall victim to cybersecurity attacks 300 times more frequently than businesses in other industries,” reads the report.
The financial services sector wins the award for “the highest cost of cybercrime,” as per research from Accenture indicating the spending is about 40 percent higher compared to other industries. Enterprises that can successfully contain breaches in less than a month could save significantly, especially in the healthcare and financial services sector. The longer it takes to contain a breach, the more a company has to lose in terms of revenue, reputation and customer trust.
According to Bitdefender, financial institutions in February and March 2018, only 17.8 percent of CISOs say it takes their team less than 24 hours to detect an advanced cyberattack. For now, a little over 45 percent say their company detects an attack in 1 to 6 days.
Financial services companies are severely impacted by business disruption and information loss, which end up draining the mitigation budget. Last year, the average spending all-industry US companies had per breach was $7.35, according to the global overview report from IBM and the Ponemon Institute. The costs are significantly higher for the financial industry.
Even though almost 60 percent of financial institutions have experienced an advanced attack or malware outbreak or have seen signs of suspicious behavior in their network in the past year, businesses in the financial sector still do not invest heavily in IT security and are comfortable with current funding levels, found Bitdefender. As many as 35.6 percent of CISOs say the IT security budget of the company they work for is acceptable.
The main obstacles in strengthening their company’s cybersecurity posture are a lack of: predictability (48.3%), visibility (36.4%), infrastructure-agnostic security (34.7%), skilled personnel (27.1%), budget (25.4%), control over backups and snapshots (16.9%) and granular access control over virtual machines and VMs pools (16.1%).
The global cyber skills deficit is another roadblock CISOs have to overcome as it affects their plans to develop a proper containment and mitigation strategy, Bitdefender found. 78.8 percent of IT executives say their IT security team is majorly under-resourced. The countries where scarce resources are a top struggle include Sweden (100%) and Denmark (100%), followed by the UK, where 84 percent said they are dealing with an under-resourced team, then Italy (81.8%), France (73.9%), Germany (70.6%) and the US (69.2%).
When asked about the best security defense approach against advanced attacks in their organization, almost 68 percent of CISOs mentioned next-generation security (endpoint detection and response capabilities - EDR). Other approaches mentioned are security audits (46.6%), traditional security (antimalware and endpoint protection solutions) (41.5%), layered security (24.6%), log monitoring (22.9%) and cybersecurity trainings (22%).
70.3 percent have a dedicated IT security budget for incident investigation and forensic (EDR), and 89.8 percent believe reaction time is a key differentiator in mitigating cyberattacks.
Among main obstacles that prevent rapid incident detection and response are the lack of: personnel (44.9%), proper security tools (39.8%), budget (35.6%), knowledge (31.4%), visibility (24.6%) and time (12.7%). 11 percent of CISOs say there are no main obstacles that prevent rapid incident detection and response.
To ensure network safety, CISOs have to adapt their strategies and policies to the threat landscape. If they don’t catch up with security threats, their companies might fall victim to security incidents that bring along reputational damage, revenue loss and even fines for failing to protect customer data.