Security News
More than one year into the pandemic, banks, insurers, and other financial institutions report costly consequences to falling short of protecting their massive data troves from cloud-based attacks and network disruptions. Biggest cybersecurity issues for financial institutions Data breaches are an increasingly significant cost burden for the industry: Worldwide, financial firms that experienced a data breach reported estimated average losses of roughly $4.2 million per attack, with U.S. organizations hit hardest at $4.7 million in estimated losses.
According to the index, which surveyed 902 organizations in the financial services sector, 74 percent have experienced a rise in cybercrime since the pandemic began, with 42 percent of banks and insurers revealing the remote working model has made them less secure. 44 percent were also concerned that this has led to less visibility of potential holes in their network or infrastructure and a further 37 percent of FIs believe their customers are now at greater risk of cybercrime or fraud.
Fusion Risk Management announced that it has further strengthened its offerings to help financial institutions meet and exceed new Bank of England, PRA, and FCA regulatory requirements which take effect in early 2022, in addition to the recently formalized guidance shared by the Basel Committee. Fusion's collaborative ENGAGE customer community fosters a common understanding and best practices between those working toward greater operational resilience in financial services.
In 2020, the most common incidents that financial organizations suffered regarding data in the cloud were phishing attacks, targeted attacks on cloud infrastructure and ransomware, Netwrix reveals. The report also revealed that 59% of financial orgs consider understaffed IT and security teams to be the major reason they struggle to secure data in the cloud.
DefenseStorm announced the addition of CyberFraud to its product offerings, providing an integrated solution for Information Security and BSA/AML Fraud departments in a single platform to prevent losses and protect account holders. The DefenseStorm GRID provides investigation tools for deep analysis, links threats across multiple accounts and sources, gathers evidence for SAR reporting, enables on-the-fly strategy configuration and streamlines dashboard reporting.
Organizations in the financial and insurance sectors were the most targeted by threat actors in 2020, continuing a trend that was first observed roughly five years ago, IBM Security reports. Retail and professional services rounded up the top five most targeted sectors, IBM says.
Alongside shifts in what types of financial institutions were being targeted, Kaspersky also noticed regional malware actors going global and advanced persistent threats that aren't normally involved in financial crimes broadening their horizons to include such acts in 2020. In terms of specific numbers, Kaspersky noticed a slight decline in the number of users hit by phishing attacks in 2020, with only 13.21% being targeted, compared to 15.7% in 2019.
While 2020 was one of the most challenging years for every business, those in financial services and insurance have fared better than most. While 74% of organizations across all sectors have now introduced DevOps, for example, this rises to 81% in financial services and 84% in insurance.
Cybersecurity vulnerabilities among credit unions and their vendors create the potential for large financial impacts to the credit union industry, according to a Black Kite report. The research analyzed the cybersecurity posture of 250 NCUA credit unions and 150 vendors commonly used by credit unions.
A new phishing scam is on the rise, targeting executives in the insurance and financial services industries to harvest their Microsoft 365 credentials and launch business email compromise attacks, according to a new report from Area 1 Security. These new, sophisticated attacks are aimed at C-suite executives, their assistants and financial departments, and can work around email security and Office 365 defenses.