Most Large Financial Firms Have Been Attacked In The Past Year

No matter how much technology progresses, malware continues to be a consistent menace that criminals use and they have been improving its effects. Ransomware also continues to plague organisations, with 43% of respondents having experienced an attack and 80% of respondents believing they will experience another attack within the next 12 months. 

Over 60% of large financial services (FS) firms have suffered a cyber attack in the last year, according to new research released from data security provider HelpSystems. Although most FS organisations have increased their cyber security investment over the previous 12 months, the attacks continue.

The main investment priorities for CISOs over the next 12 months include secure file transfer (64%), protecting the remote workforce (63%) and cloud/Office365 (56%).

Reports have confirmed patterns throughout this year, that the COVID-19 pandemic has exacerbated the risk from cyber-attacks. Indeed a survey of 250 CISOs and CIOs from FS firms across the world, revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. 

There are countless examples of cyber attacks where this weakness was exploited, highlighting just how hard it can be to keep an organisation secure in our interconnected world.

  • 47% of FS firms have increased the investment in secure collaboration tools, a sign of the surge in reliance on tools that facilitate remote working. The report further revealed that securing the remote workforce has become a ‘key objective’ for 42% of the surveyed firms.

Meanwhile, the survey found that over 92% of these FS organisations increased their cybersecurity investment over the previous 12 months, 26% quite significantly so.

“It’s a highly challenging cyber security landscape for the financial services sector, with many CISOs focused on battling day-to-day threats alongside trying to achieve broader strategic objectives,” says HelpSystems CEO Kate Bolseth.... But of equal importance, especially for longer-term strategic goals, is ensuring the right processes are in place and educating and training employees.”says HelpSystems CEO Kate Bolseth

Security weaknesses in the supply chain and the proliferation of remote working situations were identified as the two threats with the most potential to cause damage in FS firms, at 46% and 36% respectively.

  • The research also found that around one-third of respondents had reacted quickly to update their regulatory best practices, while 46% had re-evaluated their cybersecurity training and policies to better reflect the increased home working.  
  • Almost half of the respondents felt COVID-19 had accelerated changes that were already in discussions, such as a move to Office 365. Such changes form part of broader digital transformation strategies, which was seen as the main challenge facing FS firms, according to HelpSystems.
  • Perhaps most alarming is the widespread and long term impact a malware attack can have on an organisation. Respondents indicated increased cost of security (59%), productivity loss (57%), system downtime (50%), and IT security strategy revisions (48%) as a few of the major consequences of an attack.

“Cyber-attacks are growing in volume and severity, so FS firms need to not only protect the organisation against day-to-day threats, but also make the transition to digital, meet regulatory demands, and secure a remote workforce in the light of COVID-19.”says Bolseth

Nearly half of all companies spoken to felt that Covid-19 has accelerated changes that were already in discussions, such as a move to Office 365. These changes now form part of broader digital transformation strategies, which was seen as the main challenge facing Financial Services in the future.

Help Systems:       Core Security:     Security Brief:        Security Boulevard:    PR Newswire:

You Might Also Read:

Malware Versus Ransomware: What’s the Difference?:

 

« Cyber Security For Home Working
Is AI The Future of Cyber Security? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TrustedIA

TrustedIA

TrustedIA is a cyber and protective security company. Our mission is to help businesses protect themselves from disruptive events that can impact their successful operation.

Westminster eForum

Westminster eForum

Wesrtminster eForum runs a series of conferences on matters relating to the UKs Digital Strategy. Topics include Smart Cities and Cyber Security.

Span

Span

Span designs, develops and maintains information systems based on advanced technological solutions of global IT leaders.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

Syber Technology

Syber Technology

Syber Technology is an IT project implementer empowering IT systems of Small to Medium Enterprises in the Middle East.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

GM Sectec

GM Sectec

GM Sectec is the world's largest independent Cyber Defense and Fraud Prevention firm laser focused on payment security.

Vanta

Vanta

Vanta helps companies scale security practices and automate compliance for the industry’s most sought after standards - SOC 2, ISO 27001, HIPAA, GDPR, and other security and privacy frameworks.

Cyberani Solutions

Cyberani Solutions

Cyberani Solutions was created to fulfill the cybersecurity needs of industry and government in Saudi Arabia, and across the Middle East and North Africa regions.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

Aardwolf Security

Aardwolf Security

Aardwolf Security specialise in penetration testing to the highest standards set out by OWASP. We ensure complete client satisfaction and aftercare.

Dynamic Networks

Dynamic Networks

Dynamic Networks provide Managed Cloud Services; Unified Communications; Security & Compliance Services and Network & Infrastructure Services for both Public Sector and Private sector businesses.

Sensity

Sensity

Sensity is a company that offers an AI-driven solution to detect and verify deepfakes and other forms of identity fraud.

CyXcel

CyXcel

CyXcel is a cyber security consulting business grounded in the law which natively fuses crises, legal, technical, and consulting expertise digital networks, information and operational technology.

Cribl

Cribl

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy.

GoCloud Systems

GoCloud Systems

GoCloud is an IT consulting firm. We provide IT strategy and cloud adoption services to the New Zealand Government, Non-Profit Organisations and private industry.