The banking sector has long been recognized as one of the industries with the most mature and collaborative approaches to cybersecurity. But it also remains under constant threat, as hackers rapidly adopt emerging technologies to find new ways to breach defenses.
According to Bill Borden, corporate vice president of worldwide financial services for Microsoft, this presents financial companies with a unique challenge: “Creating high-friction experiences for cybercriminals, fraudsters, and money launderers while delivering low-friction customer experiences.”
Banks, in particular, have found themselves more exposed to hackers in recent years, despite being part of the critical infrastructure of most countries, due to their digital transformation and move to cloud computing, which relies on a network of third-party suppliers.
Not only do they have to protect their assets and data from both criminal groups and domestic hackers, but they also have to protect their customers from fraud or identity theft, for example. Given the amount of sensitive personal information they hold about customers, as well as their funds, they remain a prime target, always bombarded by attacks.
Norges Bank Investment Management, the sovereign wealth fund, said it experienced around 100,000 cyberattacks a year last year, of which more than 1,000 it rates as serious, with chief executive Nicolai Tangen labeling cybersecurity as its main concern, above the tumultuous markets.
Michael Sentonas, president of cybersecurity group CrowdStrike, says cyber adversaries “continuously increase the sophistication of their tactics and exploits, while decreasing the breakout time for intrusion activity, or the time it takes to move laterally within a network”.
CrowdStrike has seen a 50% increase in “hands-on” attacks – where the perpetrator uses a keyboard to break into the host network – between 2021 and 2022, with financial services being the second most targeted sector, after technology. Financial services are also among the top 10 industries targeted by login brokers, who trade or misuse stolen credentials, Sentonas says.
Similarly, an attack analysis by the Financial Services Information Sharing and Analysis Center, an industry-wide alert system, found the finance and insurance sector to be the third most targeted sector by ransomware criminals.
And the stakes are high, particularly when it comes to reputational risk. “A cyber attack on a bank would have a significant impact and effect [on] that share price and that trust between the bank and the customers, which could have a much more significant impact than in other industries,” says Stuart McKenzie, head of consulting for Europe, Middle East and Africa at Google’s cybersecurity division, Mandiant.
In response, experts are recommending that banks focus on enabling multi-factor authentication, robust identity management and login practices, and better data governance. Additionally, banks should develop incident response plans and simulate attacks to put their response into practice.
Steve Soukup, chief executive officer of cybersecurity firm DefenseStorm, says banks are increasingly taking a proactive approach and treating cybersecurity “more like a risk management discipline,” having policies and controls in place that are regularly tested and measured.
However, he finds that many banks and smaller credit unions still spend more time managing the risk of their small business loan portfolio than they do cybersecurity, even though, from a financial perspective, their exposure is “just as profound”.
In the longer term, technologies are being developed that will further test the cybersecurity strategies of financial institutions. First, banks will need to evaluate how to defend against and use AI, given its potential to automate large-scale attacks and its ability to scale to targets.
“I think we’ll see attackers using generative AI to create much better phishing,” says McKenzie, referring to AI that can generate text and images in response to human input.
Fabio Colombo, global head of financial services security at consultancy Accenture, agrees: “On the one hand, it could mean that attackers have access to a very quick way to engineer new malware, new code, new threats.” This could mean that businesses will have to move faster to patch or update their systems as hackers are able to exploit vulnerabilities more quickly. But, adds Colombo, artificial intelligence will also be increasingly used by banks to detect attacks and automate their cyber defenses.
Some are optimistic about other developments affecting the sector. Microsoft’s Borden refers to a new privacy-enhancing technology known as “confidential computing” that allows cloud service providers to process encrypted data without being able to access or modify it.
“Confidential compute provides the missing piece for comprehensive protection of data at rest, in transit, and now in use,” he says.
At the same time, Colombo notes that financial services are one of the sectors “most affected” by quantum computing – a technology so theoretically powerful that experts fear it will be able to crack the encryption that is typically used to protect user data.
“Many global banks and global insurance companies are looking forward to, say, three to five years, to figure out what the threat might be if some of the algorithms or encryption is cracked,” Colombo says, urging banks to consider where they might be vulnerable and how they might be able to deal with any compromises.
Borden adds that companies, and especially their boards of directors, will also need new training on how to handle a crisis. “They have to be prepared for the unknown, the black swan,” he warns.