TL;DR Summary
Financial institutions face relentless cyber threats—phishing, ransomware, and third-party attacks—amid complex regulations and understaffed security teams. Cloud adoption and digital transformation expand the attack surface, while supply chain vulnerabilities add risk.
To build resilience, Fortra recommends:
- Automated vulnerability management
- Data classification and protection
- Secure managed file transfer (MFT)
- Employee training and awareness
- Integrated compliance-ready solutions
Bottom line: resilience requires layered defenses, smarter tools, and proactive strategies tailored to the financial sector’s unique challenges.
Financial Services Cybersecurity Today
The financial services cybersecurity environment is extremely complex, with a dizzying number of often-overlapping regulations, ongoing threats, and understaffed teams trying to manage it all. Despite paying significant attention to security, many organizations continue to be the targets of advanced persistent threats, fraud, sophisticated phishing campaigns, and other bold efforts to access the personally identifiable information (PII) and other sensitive IP they maintain.
Cyberattacks Are at a Record High—and Won’t Lessen Any Time Soon
Threat actors are emboldened in times of chaos. Their tenacious tactics—and frequent successes—rise in concert with geopolitical, social, and environmental upheaval.
2021 was a particularly devastating year in terms of cyber-attacks, and the financial services industry was hit hard. The rapid information digitization in the industry and ability of threat groups to avoid discovery and penalty have enabled seemingly unchecked advances. State-sponsored hacking campaigns have increased globally, making it difficult for many governments to curtail phishing attacks and ransomware sanctioned at the highest levels by rogue nations.
The scourge isn’t expected to abate in the coming months. FS-ISAC, the Financial Services Information Sharing and Analysis Center, recently announced in its Navigating Cyber 2022 Report that the top threats this year are expected to be third-party attacks, zero-day vulnerability exploits, and ransomware. Organizations need to further efforts to harden security now to protect their businesses and their customers.
Business Email Compromise (BEC) Fraud and Ransomware Attacks Delivered Through Phishing
PhishLabs research found 33.8% of all phishing attacks in Q1 of 2021 targeted financial institutions, and that figure rose to 61.3% of all phishing sites in Q4. These types of attacks have become highly sophisticated in recent years with well-designed emails and realistic messaging. This makes it difficult for employees to differentiate malicious endeavors from harmless communications. In fact, highly targeted business email compromise (BEC) schemes continue to trick employees into thinking one of their executives is asking them to take a particular action regarding sensitive financial information, such as transferring funds into a new account. You can learn more about handling BEC in this recent article.
Phishing emails can also deliver ransomware that encrypts or locks down systems until a threat actor’s demands are met. These attacks quickly take hold of networks after an employee clicks a link or opens a malicious attachment. Ransomware can be particularly devastating for financial services firms as they can’t afford downtime or the loss of direct access to funds.
Maintaining Compliance with Strict Regulations
GDPR, CCPA, SOX, GLBA, FINRA, PCI DSS—the financial services industry is no stranger to the alphabet soup of regulatory requirements governing all aspects of how sensitive data is stored, shared, processed, and destroyed. These details must be understood and addressed to comply with restrictions for data residency, sovereignty, and localization.
Compliance can present a significant burden to understaffed IT and InfoSec teams as they walk a fine tightrope to balance acceptable risk and business convenience. As the global workforce gap is around 2.72 million security professionals, it’s often a significant effort not only to maintain compliant practices, but also to monitor and document ongoing adherence. Additionally, staying up on the changes to the fine print of regulations can also pose a challenge. Of note, the PCI Security Standards Council (PCI SSC) recently published PCI Data Security Standard v4.0 to address emerging threats to the high-value account information PCI DSS safeguards.
Cloud and Online Services Add Fuel to the Cyber-Attack Fire
Like many companies, financial services organizations have embraced the trend of digital transformation and looked to the cloud and/or managed service providers (MSPs) to augment their capabilities. Mission-critical workloads and data now reside in the cloud to support geographically dispersed workforces and customers as well as access to this information via smartphone apps and mobile devices.
As such, the traditional on-premises security perimeter has disappeared. While the fast provisioning, 24/7 IT resources, and impressive uptime of the cloud offer notable benefits for financial services enterprises, reliance on hybrid or full cloud infrastructure can inject another layer of complexity when it comes to security. Teams need to fully understand their contract with cloud providers and MSPs to scope out responsibilities and security practices—and avoid surprises.
Resilience Is Needed Throughout the Supply Chain
Not all financial services organizations thoroughly understand how their partners handle security. This is a dangerous oversight, as an attack on a third-party provider can have a ripple effect throughout the industry, particularly for shared services. Ensure your supply chain partners have taken the right security steps to protect themselves as well as your business in a way that meets applicable compliance mandates and can ensure business continuity. Many well-known organizations have made the news for their association with smaller partners that didn’t effectively protect data or left vulnerabilities unchecked.
How Financial Services Organizations Can Prioritize and Manage Cybersecurity Risk
Given the complexity of this high stakes environment, the next logical question for CISOs and their teams is “How can we manage our risk?”. Fortra works with leading financial services organizations to assess the efficacy of existing efforts and identify vulnerabilities and areas of improvement. There are three key solution spheres to consider when working to enhance your level of visibility, control, and protection.
- Identify and manage the vulnerabilities
Modernizing your approach to vulnerability detection and management hinges on maximizing automation and achieving efficiency in the tools you use. Performing host discovery and vulnerability scans of external (internet facing) and internal IP-based systems and networks is an excellent start. Monitoring security risk scores is another valuable tactic. Learn more about Fortra vulnerability management
- Discover and secure valuable data
You know you have sensitive data stored on computers, cloud and on-premises servers, mobile devices, and more. But it must be classified before it can be protected properly. To do this, you’ll have to determine where data is stored, how it’s used, and where it flows. This includes identifying both structured and unstructured data. Learn more about Fortra data protection
- Collaborate securely and compliantly
Working with internal employees and external stakeholders including customers, partners, and third-party business associates requires strict attention to how data and files are shared. Safeguarding financial file transfers using secure managed file transfer (MFT) gives you full control and audit capabilities over how sensitive PII moves and who can access it. Learn more about Fortra secure managed file transfer
Staying Positive in an Uncertain Landscape
Cyber-attacks have become weapons, scare tactics that erode trust and peace of mind, and weary financial service security teams are becoming desensitized to the ongoing state of high alert. At Fortra, we’re here to help. Our teams are dedicated to developing new ways to detect and thwart global threat actors and the chaos they cause. Our software keeps your valuable sensitive data protected.