Most Large Financial Firms Have Been Attacked In The Past Year

No matter how much technology progresses, malware continues to be a consistent menace that criminals use and they have been improving its effects. Ransomware also continues to plague organisations, with 43% of respondents having experienced an attack and 80% of respondents believing they will experience another attack within the next 12 months. 

Over 60% of large financial services (FS) firms have suffered a cyber attack in the last year, according to new research released from data security provider HelpSystems. Although most FS organisations have increased their cyber security investment over the previous 12 months, the attacks continue.

The main investment priorities for CISOs over the next 12 months include secure file transfer (64%), protecting the remote workforce (63%) and cloud/Office365 (56%).

Reports have confirmed patterns throughout this year, that the COVID-19 pandemic has exacerbated the risk from cyber-attacks. Indeed a survey of 250 CISOs and CIOs from FS firms across the world, revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. 

There are countless examples of cyber attacks where this weakness was exploited, highlighting just how hard it can be to keep an organisation secure in our interconnected world.

  • 47% of FS firms have increased the investment in secure collaboration tools, a sign of the surge in reliance on tools that facilitate remote working. The report further revealed that securing the remote workforce has become a ‘key objective’ for 42% of the surveyed firms.

Meanwhile, the survey found that over 92% of these FS organisations increased their cybersecurity investment over the previous 12 months, 26% quite significantly so.

“It’s a highly challenging cyber security landscape for the financial services sector, with many CISOs focused on battling day-to-day threats alongside trying to achieve broader strategic objectives,” says HelpSystems CEO Kate Bolseth.... But of equal importance, especially for longer-term strategic goals, is ensuring the right processes are in place and educating and training employees.”says HelpSystems CEO Kate Bolseth

Security weaknesses in the supply chain and the proliferation of remote working situations were identified as the two threats with the most potential to cause damage in FS firms, at 46% and 36% respectively.

  • The research also found that around one-third of respondents had reacted quickly to update their regulatory best practices, while 46% had re-evaluated their cybersecurity training and policies to better reflect the increased home working.  
  • Almost half of the respondents felt COVID-19 had accelerated changes that were already in discussions, such as a move to Office 365. Such changes form part of broader digital transformation strategies, which was seen as the main challenge facing FS firms, according to HelpSystems.
  • Perhaps most alarming is the widespread and long term impact a malware attack can have on an organisation. Respondents indicated increased cost of security (59%), productivity loss (57%), system downtime (50%), and IT security strategy revisions (48%) as a few of the major consequences of an attack.

“Cyber-attacks are growing in volume and severity, so FS firms need to not only protect the organisation against day-to-day threats, but also make the transition to digital, meet regulatory demands, and secure a remote workforce in the light of COVID-19.”says Bolseth

Nearly half of all companies spoken to felt that Covid-19 has accelerated changes that were already in discussions, such as a move to Office 365. These changes now form part of broader digital transformation strategies, which was seen as the main challenge facing Financial Services in the future.

Help Systems:       Core Security:     Security Brief:        Security Boulevard:    PR Newswire:

You Might Also Read:

Malware Versus Ransomware: What’s the Difference?:

 

« Cyber Security For Home Working
Is AI The Future of Cyber Security? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TunnelBear

TunnelBear

TunnelBear is a Virtual Private Network services provider offering secure encrypted access to the internet.

TOAE Security

TOAE Security

TOAE Security is a trusted cyber security consulting partner helping today's leading organizations protect their most important assets from evolving cyber threats.

German Accelerator

German Accelerator

German Accelerator supports high-potential German startups in successfully entering the U.S. and Southeast Asian markets.

BlackCloak

BlackCloak

BlackCloak provides Concierge Cyber Security for high-net-worth individuals and corporate executives to protect them from cybercrime, reputational risks, hacking and identity theft.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

AwareGO

AwareGO

AwareGO is a global provider of security awareness training content and solutions that help enterprises improve cybersecurity awareness in the workplace.

Orbus Software

Orbus Software

Orbus develops, markets and sells enterprise software which helps large, blue chip and government organisations across the globe to achieve digital transformation outcomes.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

DC Two

DC Two

DC Two are a locally operated and supported Australian data centre, offering a suite of vertically integrated services covering every part of the data centre and cloud technology stack.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

Karate Labs

Karate Labs

Karate is an open-source unified test automation platform combining API testing, API performance testing, API mocks & UI testing.

CYBRI

CYBRI

CYBRI is a cybersecurity company helping businesses detect and remediate mission-critical vulnerabilities before they get exploited by hackers.

Downdetector

Downdetector

Downdetector helps people all over the world understand disruptions to vital services such as the internet, social media, web hosting platforms, banks, games, entertainment, and more.

CyberGrape

CyberGrape

CyberGrape is a client centric managed services company, providing enterprise leading security solutions and helping companies through their IT risk and security challenges.

CyberForceHQ

CyberForceHQ

CyberForce helps cyber security professionals take real-world tests, get ranked and get paid better. It's that simple.