Most Large Financial Firms Have Been Attacked In The Past Year

No matter how much technology progresses, malware continues to be a consistent menace that criminals use and they have been improving its effects. Ransomware also continues to plague organisations, with 43% of respondents having experienced an attack and 80% of respondents believing they will experience another attack within the next 12 months. 

Over 60% of large financial services (FS) firms have suffered a cyber attack in the last year, according to new research released from data security provider HelpSystems. Although most FS organisations have increased their cyber security investment over the previous 12 months, the attacks continue.

The main investment priorities for CISOs over the next 12 months include secure file transfer (64%), protecting the remote workforce (63%) and cloud/Office365 (56%).

Reports have confirmed patterns throughout this year, that the COVID-19 pandemic has exacerbated the risk from cyber-attacks. Indeed a survey of 250 CISOs and CIOs from FS firms across the world, revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. 

There are countless examples of cyber attacks where this weakness was exploited, highlighting just how hard it can be to keep an organisation secure in our interconnected world.

  • 47% of FS firms have increased the investment in secure collaboration tools, a sign of the surge in reliance on tools that facilitate remote working. The report further revealed that securing the remote workforce has become a ‘key objective’ for 42% of the surveyed firms.

Meanwhile, the survey found that over 92% of these FS organisations increased their cybersecurity investment over the previous 12 months, 26% quite significantly so.

“It’s a highly challenging cyber security landscape for the financial services sector, with many CISOs focused on battling day-to-day threats alongside trying to achieve broader strategic objectives,” says HelpSystems CEO Kate Bolseth.... But of equal importance, especially for longer-term strategic goals, is ensuring the right processes are in place and educating and training employees.”says HelpSystems CEO Kate Bolseth

Security weaknesses in the supply chain and the proliferation of remote working situations were identified as the two threats with the most potential to cause damage in FS firms, at 46% and 36% respectively.

  • The research also found that around one-third of respondents had reacted quickly to update their regulatory best practices, while 46% had re-evaluated their cybersecurity training and policies to better reflect the increased home working.  
  • Almost half of the respondents felt COVID-19 had accelerated changes that were already in discussions, such as a move to Office 365. Such changes form part of broader digital transformation strategies, which was seen as the main challenge facing FS firms, according to HelpSystems.
  • Perhaps most alarming is the widespread and long term impact a malware attack can have on an organisation. Respondents indicated increased cost of security (59%), productivity loss (57%), system downtime (50%), and IT security strategy revisions (48%) as a few of the major consequences of an attack.

“Cyber-attacks are growing in volume and severity, so FS firms need to not only protect the organisation against day-to-day threats, but also make the transition to digital, meet regulatory demands, and secure a remote workforce in the light of COVID-19.”says Bolseth

Nearly half of all companies spoken to felt that Covid-19 has accelerated changes that were already in discussions, such as a move to Office 365. These changes now form part of broader digital transformation strategies, which was seen as the main challenge facing Financial Services in the future.

Help Systems:       Core Security:     Security Brief:        Security Boulevard:    PR Newswire:

You Might Also Read:

Malware Versus Ransomware: What’s the Difference?:

 

« Cyber Security For Home Working
Is AI The Future of Cyber Security? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TechInsurance

TechInsurance

TechInsurance is America's top technology insurance company offering a range of technology related products including Cyber Liability insurance.

Guardtime

Guardtime

Guardtime's Black Lantern platform provides real-time cybersecurity and data-centric asset protection.

Cyberint

Cyberint

Cyberint, the Impactful Intelligence company, fuses open-deep-and darkweb Threat Intelligence with Attack Surface Management to deliver maximum protection from external threats.

Resilia

Resilia

RESILIA is a comprehensive portfolio of tools and training to help your organization achieve global best practice in cyber security.

Bird & Bird

Bird & Bird

Bird & Bird is an international law firm with a focus on helping organisations being changed by technology and the digital world. Areas of expertise include cyber security.

A-LIGN

A-LIGN

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to mitigate cybersecurity risks.

White & Black

White & Black

White & Black are specialist corporate & technology lawyers based in London & Oxford.

CICRA Consultancies

CICRA Consultancies

Cicra Consultancies is a company that specializes in cyber security. Our major activities are guided by three main principles: Prevent, Investigate, Prosecute.

SynSaber

SynSaber

SynSaber is a data collection, detection, and visibility solution that forms the foundation of industrial cybersecurity.

QuSecure

QuSecure

QuSecure provides a software-driven security architecture that overlays your current infrastructure and provides next-generation security to protect your entire network from quantum threats.

Trace3

Trace3

Trace3 is a pioneer in business transformation solutions, empowering organizations to keep pace with the rapid changes in IT innovations and maximize organizational health.

Curatrix Technologies

Curatrix Technologies

Curatrix Technologies is a Managed IT Service provider based in Hampshire, UK, providing high quality and reliable Managed IT Services since 2015.

Arelion

Arelion

Arelion is a leading light in global connectivity and we've been keeping the world connected for nearly three decades.

SektorCERT

SektorCERT

SektorCERT is the cybersecurity center for the critical infrastructure sectors in Denmark. We help detect and handle when critical infrastructure is exposed to cyber attacks.

CyberMontana

CyberMontana

CyberMontana is a statewide initiative providing cybersecurity awareness, training, and workforce development for businesses and residents of Montana.

CyFox

CyFox

CYFOX is at the forefront of cybersecurity innovation, specializing in providing cutting-edge AI-driven solutions tailored for any businesses.