COVID lockdowns proved lucrative for cyber criminals. An increase in electronic trading saw a 238% growth in cyberattacks on financial institutions from February to April 2020 according to VMware. Attacks are becoming more sophisticated and Sophos’ State of Ransomware in Financial Services 2022 report found 55% of organizations surveyed were hit in 2021, up from 34% in 2020.
In such a highly regulated industry loss of data and other assets aren’t the only risks as penalties can be severe. Last year, the SEC fined JPMorgan Chase $125 million for allowing Wall Street employees to use WhatsApp as a workaround to US federal record-keeping laws. To avoid hefty fines and damage to company reputation, IT should educate on best practices, clearly identify risks, and secure assets before any breach occurs.
End user education
With ‘phishing’ on the rise, employees must be able to spot malicious mails that open the door to ransomware attacks. Conduct an ongoing education campaign highlighting new methods used by hackers to reduce the chance of a breach occurring in this way.
Cryptocurrency is another area of concern as hackers use transfers as gateway entry points to gain access. This year, a hack at IRA Financial Trust resulted in the theft of $36 million in cryptocurrency and in another incident Qubit finance offered $2 million for the return of £80 million in stolen coin. Devise and communicate guidelines to ensure trading and communication is performed via secure platforms and educate end users on how hackers are exploiting vulnerabilities.
Consolidate systems and applications to reduce the attack surface
The FinTech market saw mergers and acquisitions (M&A) rise by 55% in 2021 following a dip the previous year. Any financial M&A activity will gain the attention of hackers so IT should be involved from day one to make smart decisions about consolidating platforms, rationalizing apps, and securing data. How can you know what needs replacing if you don’t know what your combined assets are? And how can you keep data secure without understanding what needs updating or patching?
Manage regulatory compliance and cloud usage
The cloud has provided new capabilities for FinTech companies such as accelerating service time to market. While enhanced cloud security has alleviated initial fears, IT teams should remain alert around cloud usage, security and regulatory requirements. This is particularly pertinent for global financial companies as country regulations differ. If found to be non-compliant during a breach investigation, penalties can be high.
Regularly patch and update systems
With more end user devices, and applications, IT teams need to stay on top of OS updates and patching, as well as end of support for servers and devices. Unsecured systems provide the perfect gateway for hackers. In 2017 an unpatched system led to a breach at Equifax, with the credit agency agreeing to pay at least $575 million in compensation.
In an ever-more diverse and complex IT environment, it’s going to be vital to automate patch management and build in programs such as Windows servicing, asset refresh, and EoL migrations into ongoing plans.
Dispose of assets properly
Morgan Stanley received a $60 million civil money penalty by the US OCC and was subject to a number of class-action lawsuits following two incidents where customer data was placed at risk during IT asset disposition (ITAD) activities.
It’s vitally important that you track assets throughout their lifecycle and maintain comprehensive up-to-date audit trails for all IT assets from procurement all the way through to disposal.
Stop ‘island hopping’
Island hopping is the method cybercriminals use to get access to an organization via supply chain and third-party systems. Target fell foul to this and paid out $18.5 billion after hackers accessed a billing platform via a third-party HVAC system. The financial services industry is susceptible to this kind of attack with a VMware report finding that 38% of industries experienced an increase in activity in a 2021 report.
Put in place agreements with third parties and ring fence systems so that if they pose any threat, malicious actors can’t gain control of your organization’s data through them.
To identify and manage any of these vulnerabilities, consider a digital platform conductor (DPC). Recognized in four Gartner hype cycles, a DPC analyzes information about the entire IT estate – endpoints, users, applications, and all their interdependencies – defines the rules for change, and uses intelligent automation to implement those changes.
A DPC connects to disparate IT and business systems to collect, aggregate, and normalize critical information about your IT estate. It provides you with an accurate, real-time view of endpoints to help analyze security vulnerabilities. You’ll be able to determine:
- where assets are located.
- who is using them.
- all details about the associated applications and OS versions.
A DPC also serves as a central command and control platform to orchestrate and automate system and human workflows and report back on status.
Book a demo with ReadyWorks to understand how you can use a DPC to identify cybersecurity risks and protect against costly data breaches.