CategoriesIBSi Blogs Uncategorized

The rise of Fintech is a challenge for regulators, as outlined by the IMF earlier this year. Yet legislation isn’t the only area which needs to keep pace with the evolution of finance. As digital services and infrastructure expand, cybersecurity has never been more important.

by Simon Eyre, CISO, Drawbridge

Cyberattacks are on the rise – increasing in both frequency and sophistication – and financial players are a prime target. For instance, research from the Anti-Phishing Working Group, shows the financial sector (including banks) was the most frequently victimised by phishing in Q2 2022, accounting for over a quarter of all phishing attacks. A successful attack of any kind can have catastrophic consequences: in February, cryptocurrency platform Wormhole lost $320 million from an attacker exploiting a signature verification vulnerability.

Simon Eyre, CISO, Drawbridge, discusses your cybersecurity needs
Simon Eyre, CISO, Drawbridge

As finance evolves, it’s imperative that institutions of every size are doing all they can to protect themselves from cybercriminals. But what does that look like in practice? Let’s examine some key actions all companies must take.

Strengthening weak links

You may not be looking for weak links in your security infrastructure – but your adversaries definitely are. A single vulnerability is an open door for criminals.

Businesses must continually search for weak links in their cybersecurity armour – such as through vulnerability management and penetration testing – to identify and strengthen these weaknesses before malicious actors do.

This is especially important as working habits also evolve, with remote and hybrid working established as the norm. These offer many benefits but can also greatly increase risk as employees access systems from numerous locations and devices move on and off networks. In fact, Verizon’s Mobile Security Index report found that 79% of mobile security professionals agreed that recent changes to working practices had adversely affected their organisation’s cybersecurity. This isn’t to say that companies should ban remote working but they need to be aware of their heightened risk and be proactive about managing it.

Educating the team

A crucial part of this risk management involves employee education. Many cyberattacks rely on social engineering techniques like typo-squatting (often used in conjunction with targeted phishing attacks) to impersonate trusted parties and fool employees into providing critical access or even direct funds. Therefore, employees at every level need to know the techniques that are being used against them and be trained in the appropriate cybersecurity response.

The way this education is delivered is also important. A one-off PowerPoint presentation won’t cut it – teams need continuous training and engaging exercises, such as attack simulations, tabletop exercises and quizzes, to ensure that crucial information is taken in.

Creating a cast-iron incident response plan

Part of protecting yourself from the damage of a cyberattack is planning what to do in the event of one.

An incident response plan is a critical part of a firm’s cybersecurity infrastructure, structuring the steps to be taken following an incident. Plans should include key contacts and a division of responsibilities, escalation criteria, details of an incident lifecycle, checklists to help in an emergency and guidance on legal and regulatory requirements. Plans can even include template emails to support communications and companies should draw on knowledge from private resources and industry experts, as well as their government’s resources, to help them create a cast-iron plan.

The road ahead for finance and cybersecurity

Over the coming years, the rate of digital change isn’t set to slow. With BigTech’s eyes on banking, traditional banks innovating to keep up with challengers, the rise of ‘superapps’ and cryptocurrency supporting the emerging metaverse – to name just a few – there’s significant change still yet to occur.

The finance sector’s cybersecurity response must also continue to evolve in order to keep up. Part of this will mean relying more heavily on AI, such as in continuously monitoring networks for threats, although this tech will also be leveraged by cybercriminals. Additionally, it will be crucial for the cybersecurity as a whole to close its skills gap: there is currently an estimated global cybersecurity workforce gap of 3.4 million people.

The future is exciting but without the right protections, it can be dangerous too. If firms are to protect their assets and customers, they must build cybersecurity into the heart of their practices. Reaping the rewards of the FinTech boom means keeping firm control of your security risk.


  1. Thanks a lot for giving everyone an extraordinarily remarkable opportunity to discover important secrets from here. It can be so useful and also stuffed with fun for me and my office fellow workers to search your blog really 3 times every week to learn the new guidance you have. And of course, I am at all times motivated for the wonderful hints served by you. Some two ideas in this post are undeniably the most suitable I have ever had.

  2. Good V I should definitely pronounce, impressed with your website. I had no trouble navigating through all the tabs as well as related info ended up being truly easy to do to access. I recently found what I hoped for before you know it in the least. Reasonably unusual. Is likely to appreciate it for those who add forums or anything, site theme . a tones way for your customer to communicate. Nice task..

  3. Hey very nice website!! Man .. Beautiful .. Amazing .. I’ll bookmark your blog and take the feeds also…I am happy to find so many useful info here in the post, we need work out more techniques in this regard, thanks for sharing. . . . . .

  4. Thank you a bunch for sharing this with all of us you really recognize what you are speaking approximately! Bookmarked. Please also consult with my site =). We could have a link change arrangement between us!

  5. The core of your writing while appearing agreeable originally, did not settle well with me after some time. Somewhere throughout the sentences you were able to make me a believer unfortunately only for a while. I still have got a problem with your jumps in assumptions and you might do nicely to help fill in those breaks. In the event that you actually can accomplish that, I could surely be impressed.

  6. Great post. I was checking constantly this blog and I am impressed! Extremely useful information specifically the last part 🙂 I care for such info much. I was looking for this particular info for a long time. Thank you and best of luck.

  7. After study a few of the blog posts on your website now, and I truly like your way of blogging. I bookmarked it to my bookmark website list and will be checking back soon. Pls check out my web site as well and let me know what you think.

  8. Thanks for your entire effort on this blog. My niece delights in working on investigation and it’s easy to understand why. Most people know all concerning the compelling ways you make both useful and interesting suggestions on your web site and even boost contribution from the others on that content plus my simple princess is without question learning a great deal. Have fun with the remaining portion of the new year. You are performing a good job.

  9. I am very happy to read this. This is the kind of manual that needs to be given and not the random misinformation that is at the other blogs. Appreciate your sharing this greatest doc.

  10. It’s really a nice and useful piece of information. I am glad that you simply shared this useful information with us. Please stay us up to date like this. Thanks for sharing.

  11. I just like the valuable information you provide on your articles. I will bookmark your weblog and check once more here regularly. I am moderately sure I’ll be informed many new stuff proper right here! Good luck for the following!

  12. I was just seeking this info for a while. After 6 hours of continuous Googleing, finally I got it in your web site. I wonder what is the lack of Google strategy that don’t rank this kind of informative web sites in top of the list. Generally the top web sites are full of garbage.

  13. Can I just say what a relief to find someone who actually knows what theyre talking about on the internet. You definitely know how to bring an issue to light and make it important. More people need to read this and understand this side of the story. I cant believe youre not more popular because you definitely have the gift.

Leave a Reply

Your email address will not be published. Required fields are marked *

Call for support

1800 - 123 456 78

Follow us

44 Shirley Ave. West Chicago, IL 60185, USA

Follow us