The rise of Fintech is a challenge for regulators, as outlined by the IMF earlier this year. Yet legislation isn’t the only area which needs to keep pace with the evolution of finance. As digital services and infrastructure expand, cybersecurity has never been more important.
by Simon Eyre, CISO, Drawbridge
Cyberattacks are on the rise – increasing in both frequency and sophistication – and financial players are a prime target. For instance, research from the Anti-Phishing Working Group, shows the financial sector (including banks) was the most frequently victimised by phishing in Q2 2022, accounting for over a quarter of all phishing attacks. A successful attack of any kind can have catastrophic consequences: in February, cryptocurrency platform Wormhole lost $320 million from an attacker exploiting a signature verification vulnerability.
As finance evolves, it’s imperative that institutions of every size are doing all they can to protect themselves from cybercriminals. But what does that look like in practice? Let’s examine some key actions all companies must take.
Strengthening weak links
You may not be looking for weak links in your security infrastructure – but your adversaries definitely are. A single vulnerability is an open door for criminals.
Businesses must continually search for weak links in their cybersecurity armour – such as through vulnerability management and penetration testing – to identify and strengthen these weaknesses before malicious actors do.
This is especially important as working habits also evolve, with remote and hybrid working established as the norm. These offer many benefits but can also greatly increase risk as employees access systems from numerous locations and devices move on and off networks. In fact, Verizon’s Mobile Security Index report found that 79% of mobile security professionals agreed that recent changes to working practices had adversely affected their organisation’s cybersecurity. This isn’t to say that companies should ban remote working but they need to be aware of their heightened risk and be proactive about managing it.
Educating the team
A crucial part of this risk management involves employee education. Many cyberattacks rely on social engineering techniques like typo-squatting (often used in conjunction with targeted phishing attacks) to impersonate trusted parties and fool employees into providing critical access or even direct funds. Therefore, employees at every level need to know the techniques that are being used against them and be trained in the appropriate cybersecurity response.
The way this education is delivered is also important. A one-off PowerPoint presentation won’t cut it – teams need continuous training and engaging exercises, such as attack simulations, tabletop exercises and quizzes, to ensure that crucial information is taken in.
Creating a cast-iron incident response plan
Part of protecting yourself from the damage of a cyberattack is planning what to do in the event of one.
An incident response plan is a critical part of a firm’s cybersecurity infrastructure, structuring the steps to be taken following an incident. Plans should include key contacts and a division of responsibilities, escalation criteria, details of an incident lifecycle, checklists to help in an emergency and guidance on legal and regulatory requirements. Plans can even include template emails to support communications and companies should draw on knowledge from private resources and industry experts, as well as their government’s resources, to help them create a cast-iron plan.
The road ahead for finance and cybersecurity
Over the coming years, the rate of digital change isn’t set to slow. With BigTech’s eyes on banking, traditional banks innovating to keep up with challengers, the rise of ‘superapps’ and cryptocurrency supporting the emerging metaverse – to name just a few – there’s significant change still yet to occur.
The finance sector’s cybersecurity response must also continue to evolve in order to keep up. Part of this will mean relying more heavily on AI, such as in continuously monitoring networks for threats, although this tech will also be leveraged by cybercriminals. Additionally, it will be crucial for the cybersecurity as a whole to close its skills gap: there is currently an estimated global cybersecurity workforce gap of 3.4 million people.
The future is exciting but without the right protections, it can be dangerous too. If firms are to protect their assets and customers, they must build cybersecurity into the heart of their practices. Reaping the rewards of the FinTech boom means keeping firm control of your security risk.
17 Comments
Thanks a lot for giving everyone an extraordinarily remarkable opportunity to discover important secrets from here. It can be so useful and also stuffed with fun for me and my office fellow workers to search your blog really 3 times every week to learn the new guidance you have. And of course, I am at all times motivated for the wonderful hints served by you. Some two ideas in this post are undeniably the most suitable I have ever had.
http://www.tlovertonet.com/
I like this weblog so much, bookmarked.
https://850cottages.com/
Good V I should definitely pronounce, impressed with your website. I had no trouble navigating through all the tabs as well as related info ended up being truly easy to do to access. I recently found what I hoped for before you know it in the least. Reasonably unusual. Is likely to appreciate it for those who add forums or anything, site theme . a tones way for your customer to communicate. Nice task..
https://www.ledlightbulb.net/index.php?main_page=index&cPath=205
Hello my family member! I want to say that this article is amazing, great written and come with almost all vital infos. I’d like to peer more posts like this .
https://www.thehiddenpages.com
Thankyou for all your efforts that you have put in this. very interesting info .
https://agencyassassin.com
Hey very nice website!! Man .. Beautiful .. Amazing .. I’ll bookmark your blog and take the feeds also…I am happy to find so many useful info here in the post, we need work out more techniques in this regard, thanks for sharing. . . . . .
https://www.eagleeyewine.com/
I’m typically to blogging and i really admire your content. The article has actually peaks my interest. I am going to bookmark your web site and preserve checking for new information.
https://www.axilusonline.com/hire-a-hacker-for-instagram/
Its such as you learn my mind! You seem to know a lot approximately this, such as you wrote the book in it or something. I believe that you could do with some p.c. to power the message house a little bit, but other than that, this is wonderful blog. A great read. I will certainly be back.
https://www.oraclemobilesecurity.com/iphone-hackers-for-hire/
Thank you a bunch for sharing this with all of us you really recognize what you are speaking approximately! Bookmarked. Please also consult with my site =). We could have a link change arrangement between us!
https://youtu.be/WdflOkfiI2c
The core of your writing while appearing agreeable originally, did not settle well with me after some time. Somewhere throughout the sentences you were able to make me a believer unfortunately only for a while. I still have got a problem with your jumps in assumptions and you might do nicely to help fill in those breaks. In the event that you actually can accomplish that, I could surely be impressed.
https://youtu.be/qk1ptOoXkxM
Great post. I was checking constantly this blog and I am impressed! Extremely useful information specifically the last part 🙂 I care for such info much. I was looking for this particular info for a long time. Thank you and best of luck.
https://youtu.be/3zP9p-Rg4vs
F*ckin’ amazing things here. I’m very happy to see your post. Thanks so much and i am taking a look ahead to touch you. Will you please drop me a e-mail?
https://www.ledlightbulb.net/index.php?main_page=index&cPath=177
I reckon something genuinely special in this site.
https://youtu.be/zRP1fV24kDY
Really wonderful information can be found on website.
https://youtu.be/_xbkhhoWj6o
What Is Sugar Defender? Sugar Defender Drops is a powerful friend for people who want to control their blood sugar levels
https://youtu.be/KkarX_kz6g4
I really prize your piece of work, Great post.
https://youtu.be/th1Lrr8dubQ
There is perceptibly a bundle to realize about this. I believe you made certain good points in features also.
https://youtu.be/gLoxQq2GYbk