Navigating Cybersecurity Trends: Crafting Strong Strategies for Financial Institutions

In today's digital age, the Financial Services industry is facing a surge in cyber-attacks, causing challenges to banks, and threating the integrity of the industry. These attacks have grown significantly, targeting sensitive data, disrupting critical operations, and lead to erosion of trust amongst customers. As financial institutions strive to stay ahead in an interconnected world, the battle against cyber threats has become more urgent than ever. Around 73% of global chief risk officers view cybersecurity risk in banking as the top issue that will require their utmost attention (According to the?13th annual EY/IIF?global bank risk management survey released in February - 2024).

Cybersecurity remains a key concern in Financial Services industry

The rise in cybercrime incidents across various industries is a pressing concern, with financial services being one of the hardest-hit sectors. The impact of cybercrime on the financial industry is significant, posing a major challenge for organizations.

• There are over 700 cyberattacks on financial firms per week.
• Financial services industry witnessed an increase of ~40% CAGR (2020 to 2022) in number of data violation cases.
• 71% of financial services have seen an increase in wire transfer fraud.
• 74% of industries in financial services have been victim of ransomware.

The financial services industry is currently facing an alarming surge in cyber-attacks, fuelled by the rapid digital transformation, and escalating geopolitical tensions. Several key factors contribute to this intensifying threat landscape:

• Rapid technological advances: The ever-evolving technological landscape offers attackers increasingly sophisticated tools. Disruptive technologies, such as artificial intelligence (AI) and quantum computing, have the potential to break even the strongest security measures and encryption, making it more challenging to defend against cyber threats.
• Increased interconnections: The lightning-fast speed and interconnected nature of financial services transactions across the globe significantly increase the attack surface. With extensive interconnections, the industry faces a broader range of potential entry points for cyber attackers.
• Escalating geopolitical tensions: The rise in geopolitical tensions has led to an alarming increase in coordinated cyber-attacks. Examples like the WannaCry and NotPetya attacks demonstrate the scale and impact of coordinated attacks, which have the potential to disrupt multiple countries and industries simultaneously.
• Lack of global collaboration: The absence of comprehensive collaboration among global financial markets hampers efforts to mitigate the incidence of cyber-attacks. Cooperation and information sharing are critical in effectively countering cyber threats, as they help establish common defenses and share threat intelligence.

Emerging cyber threats means that the FS industry needs to have robust risk mitigation strategies in place

The higher the number of touchpoints, the greater the threat of breach. The number of touchpoints for banks and financial services is increasing with the integration of consumer platforms and mobile applications. Also, inexpensive phishing-as-a-service and ransomware-as-a-service have become readily available on the dark web and don’t require a user to be very tech-savvy, raising significant concerns for the financial services sector more broadly.

• Ransomware attack: Malware that locks up or encrypts files, with a ransom demanded to restore access. Representing 25% of all cyber breaches in 2022, ransomware attacks carry huge reputational risk for banks due to the potential for customer data to be published.
• Phishing attack: When an attacker masquerades as a trustworthy entity to trick victims into clicking malicious links that gives the attacker access to login credentials, passwords, and OTPs. In 2022, ~36% of total phishing attacks worldwide targeted financial institutions.
• Cloud security threat: Risk of unauthorized access, use, or theft of sensitive data stored in a cloud environment. The cybersecurity threat is driving an expected 33% CAGR over 2021-2026 for banking cloud security solutions globally.
• Inter-firm connectivity security breach: If financial institutions’ APIs or other connections are not properly secured, there is a risk of spillovers from one institution to another. In 2022, API abuses became the most-frequent attack vector.
• Denial of service (DoS): A DoS attack (initiated by a single computer) or DDoS attack (distributed denial of service attack, by multiple computers) is orchestrated to overwhelm the bank server with traffic until it ceases to respond to legitimate service requests. Most banks today have effective solutions to ward off DoS/DDoS attacks. Nevertheless, attacks in the financial services industry increased by 22% YoY in 2022.
• Straight-up hacking: Poor server protection and compromised systems can lead to cyberattacks. Rootkits and attack scripts make it easier for hackers, even inexperienced ones, to create security issues. Financial services are top 5 most attacked industries by share of rootkit attacks.

Financial institutions are taking a series of proactive steps to combat the rising cyber crimes

Financial institutions are ramping up their efforts to combat the rising incidents of cyber-attacks in today’s environment. To address this critical concern, financial institutions are taking a series of proactive steps:

• Adopting advanced cybersecurity technologies and Infrastructure: Financial institutions are adopting advanced cybersecurity measures - firewalls, intrusion detection, encryption - to protect data, prevent unauthorized access, and fortify against cyber threats.
• Focusing on cybersecurity awareness and training Programs: Financial institutions are prioritising cybersecurity awareness, equipping employees with knowledge to identify threats, phishing, and secure behaviour. This strengthens the "human firewall," minimizing social engineering risks and enhancing overall cybersecurity resilience.
• Strengthening access control measures and multi-Factor authentication: Financial institutions are implementing stringent access control protocols to ensure only authorized individuals can access critical systems and data. They are focusing on implementing multi-factor authentication to add an extra layer of security.
• Regular security audits and penetration testing: Financial institutions are proactively conducting security audits and penetration testing to identify and address vulnerabilities before exploitation.
• Enhanced incident response and recovery capabilities: Financial institutions are establishing dedicated security operations centers (SOCs) manned by cybersecurity experts who utilize advanced tools, threat intelligence analysis, and incident response playbooks for a swift and coordinated response to cyber-attacks, minimizing damage and mitigating risks.

Additional pillars to prioritize

In addition to aforementioned steps, financial institutions must prioritize an increased focus to below areas to effectively manage the rising cyber-crimes within the industry:

• Banks must thoroughly assess the risks posed by third-party tech vendors amidst expanding ecosystem collaborations.
• Maximizing the potential of emerging technologies like AI and blockchain can greatly bolster cybersecurity measures.
• A cybersecurity agenda at the board level ensures resilience in the face of disruptions and transformations.
• Granting increased attention and resources to Chief Information Security Officers (CISOs) is essential for maintaining robust cyber resilience.

?

Disclaimer:

The views reflected in this article are personal and do not necessarily reflect the views of the global EY organization or its member firms.