The financial services sector is highly exposed to cybersecurity risk. Director of Sales, Sean Arrowsmith, sums up a recent conversation with cybersecurity professionals from the banking sector to get their perspective on the cyber risks they face. The following is an excerpt from the executive summary of this discussion, click here for the full report.
Attacks on the financial sector worldwide more than doubled during the early months of the pandemic and the rise of the crypto universe has created new sources of instability[1] [2]. The IMF considers cybersecurity a global financial threat[3].
So how can financial institutions and companies, large and small, prepare? What are their biggest challenges in cyber-proofing their IT infrastructure? What are some best practices and tactics to achieve resilience?
We recently spoke to the chief security officer (CSO) of a leading bank, the chief information security officer (CISO) from a banking tech provider and a professor of cybersecurity for a panel discussion about the cyber risks faced by the financial services industry. Here’s what we learned.
(The following is an excerpt from a longer report – download the full story here).
The threats are ‘genuinely scary’ for both large and small organisations
The cyber risk environment has worsened significantly over the last three years. The sudden rise in remote and hybrid working compromised existing cyber defences by rendering the borders of companies porous and ill-defined as employees used their own devices and networks. Information security teams struggled to enforce best practices.
Hybrid working now seems firmly established, but hybrid warfare, arising from Russia’s invasion of Ukraine, has created new risks and vulnerabilities for firms. Regulators have called upon companies to bolster their defences, predicting a protracted period of threat and uncertainty[4]. Flaring geopolitical tensions make the risks even more complex for firms that might be targets – and this will not get easier any time soon, said the bank CSO.
The person we spoke to from banking tech provider, meanwhile, said the current cyber threat landscape was getting “genuinely scary. The amount of successful attacks against real businesses is much higher than our general perception. In the networks of security professionals that I am in, there is an anxiety about our ability to contain the impact of what’s going on.”
Larger organisations are lucky, he argued, because they have more resources to deploy, but smaller companies are at greater risk. “They are not interesting enough for the big consultancies and specialists, but they represent a big chunk of our economy.”
The cybersecurity professor said banking SMEs in particular are at a disadvantage. They lack the time, resources and knowledge to invest in cybersecurity and find the right partner among the many ‘cowboy’ vendors: “There is a knowledge gap and a fear it’s going to cost them a lot.” He said he works with many SMEs, adding that they often can’t even pin down how many laptops their workforce use.
To find out more about how Crossword can support you, contact us.
[1] https://www.bis.org/publ/work1039.pdf [2] https://www.agcs.allianz.com/news-and-insights/expert-risk-articles/financial-services-risk-cyber.html [3] https://www.imf.org/external/pubs/ft/fandd/2021/03/global-cyber-threat-to-financial-systems-maurer.htm [4] https://www.fca.org.uk/firms/operational-resilience/russian-invasion-ukraine