
17 Jul Are financial services firms doing enough to protect systems and stay resilient?
Cybersecurity is a big issue for financial services firms, and it has been outlined as a key priority for 20/21 by many of the regulators, including the Financial Conduct Authority, Prudential Regulation Authority and the European Securities and Markets Authority. According to research from Boston Consulting Group, financial services firms experience up to 300 times as many cyber-attacks per year as other industries so cyber resilience could not be more critical.
So, what should financial services firms be doing to improve their cybersecurity?
Cyber threats have dogged the financial services industry for some time – at the end of 2018, the FCA revealed cyber attacks had increased by five times from the previous year – and in the Covid-19 crisis with so many people working from home, attackers have more opportunity to exploit weakness than ever.
Put governance in place and treat cybersecurity as a compliance issue
Technology has transformed the financial services industry, automating and simplifying many routine processes, but many firms have built huge systems that they rely on with little or no insight into the associated risks and the governance needed to manage them. Cybersecurity needs to be treated as a compliance issue and handled with the same seriousness as anti-money laundering or know-your-customer processes. Firms need to clearly allocate cyber resilience responsibility to a senior manager, and engage external specialists if necessary, to pro-actively spot and mitigate cyber threats.
What are the most common cyber threats for financial services firms?
It’s crucial to understand the attacks that are most likely to happen, in order to negate them, and as cyber criminals are becoming increasingly sophisticated and the type of threat evolves, continuous monitoring is essential.
Web application attacks are one of the most common threats, especially as web apps become more accessible and rely on user input. The best way to negate this type of attack is with robust firewalls and regular auditing of databases to pick up vulnerabilities before they are exposed. Distributed denial of service (DDoS) attacks are prolific and commonly used by attackers to slow down websites and make them unobtainable to users. Recent research from insights firm, Mindsight, found that one third of network downtime, which causes business interruption and reputational damage are caused by DDoS attacks. Many of these could be avoided as there are a multitude of tools that have been developed to negate DDoS attacks but not all financial services firms are using them effectively.
Data theft and breaches are one of the other most common problems in the sector, and they can be staggeringly expensive – IBM recently calculated that the average cost of a data breach amounts to $3.92 million. Protecting data has become particularly critical since PDS2 came into effect – the directive that forces banks to release information in a secure, standardised form. The best way to mitigate data theft is by tightening up authentication processes and, in particular, using two factor authentication wherever possible.
Insider threats and human error
According to IBM, 60 per cent of cyberattacks actually come from inside a company and the financial services sector is one of the top three industries at risk of insider attacks. Many of these attacks are intentional so maintaining strong cyber security controls, especially during remote working periods, is paramount. Along with intentional attacks like this, around a quarter of internal breaches are caused by human error such as using weak log in and password credentials or failing to recognise phishing scams. It’s crucial to make sure good cybersecurity principles, such as strong passwords and protecting credentials are filtered down through every area of a firm.
The repercussions of inadequate cybersecurity
The consequences of not prioritising cybersecurity can be huge for financial services firms, in terms of financial loss, penalties imposed by regulators and reputational damage. Under the GDPR regime alone, European regulators have imposed a huge 114m EUR in fines, with UK regulators threatening a further 329m EUR for data privacy breaches. Firms will sustain significant damage to their reputations if customer data is stolen, for example, or if trading is shut down because of a DDoS attack. In the wake of last month’s Wirecard scandal, even though the specific situation was due to accounting fraud rather than cyber infringements, payment systems are also likely to come under extra regulatory scrutiny.
Generally, regulators expect to see adherence to best practice in data storage, proper configuration of network storage and a good robust framework of cyber-security governance. Emerging technologies such as AI, big data and the Internet of Things have had an immensely positive impact on financial services but they have also introduced ever-evolving risks so as new technologies are introduced it’s critical that there is a continuous monitoring of potential threats.
What are the potential investment opportunities in a post COVID19 world?
Investing is all about staying on top of the news cycle to see how the latest bulletin can affect your current and future investment opportunities. A way to invest in the stock markets is to apply those short term news to a longer term view...
What would the impact of a no deal Brexit mean for Britain?
Since the Brexit vote to leave the EU in June 2016, there has been much done to push through the vote in practice but the intricacies of the actual withdrawal are still yet to be decided between Britain and the EU.
What do financial services firms need to know about the FCA’s new register, and what are the implications for SMCR?
The FCA launched its much-lauded updated Financial Services register in July, which aims to offer better protection and transparency for consumers. The register allows customers to see details of anyone involved in regulated activities, and the latest updates will make some key information more prominent...
What are the current drags slowing the US economy?
While the whole world has seen its own individual economies falling into a hard and fast recession in 2020, it is perhaps the US’s recession that catches the most market interest. What prospects does the US have at the moment for a recovery?
What National Stimulus Packages Have Been Implemented In Europe To Help Economies During The Pandemic?
The pandemic has highlighted the differences between how nations and countries approach tough situations. Some countries went into lockdown quickly, while others took a more mediated response. Additionally, while some nations worked together for the larger global economy, countries also have had their own individual...
Decentralized Ledger as a Consequence of Technical Innovations
Humanity's technological innovation has been a constant ever since we have discovered fire. However, it really started speeding up in the last several centuries. From the discoveries of things like the printing press and steam engine to modern technologies, the innovation...
What did Shinzo Abe’s approach to the Japanese economy achieve?
Towards the end of August 2020, the long time Prime Minister of Japan, Shinzo Abe announced his resignation from his role. He revolutionised the Japanese economy that had been struggling for years with deflation through the use of his Abenomics approach to the economy...
Germany is reforming financial regulation in the wake of Wirecard, should other countries follow suit?
The Wirecard debacle back in June was one of the biggest financial news stories of the year so far. It emerged that the payment processor had ‘lost’ around $1.9 bn in trust accounts just before it collapsed into insolvency, sending shockwaves around the sector...
What effects will the Fed’s new average inflation target seek to achieve?
At the end of August, the Fed announced that it will have a different approach to inflation. In direct comparison to how the Fed has actively fought inflation in the past, it will now tolerate inflation when it rises above 2% for short amounts of...
How will developing countries cope economically in the aftermath of the pandemic?
With so much of investors’ time being spent keeping an eye on the biggest economies of the world in the shadow of COVID19, it can be easy to overlook how developing nations will suffer in the wake of the pandemic. Despite a move towards deglobalisation...
-
What are the potential investment opportunities in a post COVID19 world?
15 February, 2021 -
What would the impact of a no deal Brexit mean for Britain?
15 December, 2020 -
What are the current drags slowing the US economy?
02 October, 2020 -
Decentralized Ledger as a Consequence of Technical Innovations
19 September, 2020
-
What are the potential investment opportunities in a post COVID19 world?
Investing is all about staying on top of the news cycle to see how the latest bulletin can affect your current and future investment opportunities. A way to invest in the stock markets is to apply those short term news to a longer...
15 February, 2021 -
What would the impact of a no deal Brexit mean for Britain?
Since the Brexit vote to leave the EU in June 2016, there has been much done to push through the vote in practice but the intricacies of the actual withdrawal are still yet to be decided between Britain and the EU. ...
15 December, 2020 -
What do financial services firms need to know about the FCA’s new register, and what are the implications for SMCR?
The FCA launched its much-lauded updated Financial Services register in July, which aims to offer better protection and transparency for consumers. The register allows customers to see details of anyone involved in regulated activ...
08 October, 2020 -
What are the current drags slowing the US economy?
While the whole world has seen its own individual economies falling into a hard and fast recession in 2020, it is perhaps the US’s recession that catches the most market interest. What prospects does the US have at the moment for ...
02 October, 2020 -
What National Stimulus Packages Have Been Implemented In Europe To Help Economies During The Pandemic?
The pandemic has highlighted the differences between how nations and countries approach tough situations. Some countries went into lockdown quickly, while others took a more mediated response. Additionally, while some nations work...
01 October, 2020 -
Decentralized Ledger as a Consequence of Technical Innovations
Humanity's technological innovation has been a constant ever since we have discovered fire. However, it really started speeding up in the last several centuries. From the discoveries of things like the printing press and steam eng...
19 September, 2020
Sorry, the comment form is closed at this time.