The financial services sector has seen digital technologies such as AI and analytics increasingly being woven into everyday practices, boosting efficiency in routine tasks and supporting an evolving mobile workforce. Recent research by Microsoft found that only 11.4 percent of European employees feel highly productive at work, and, amid the arrival of innovative technologies such as5G, mobile working is not only becoming increasingly prevalent, but also more popular, with offices no longer confined to four walls. As financial services organisations adapt to this rapidly changing environment, they must also be mindful—as handlers of extremely sensitive information in an age of mass data proliferation—the wider a network perimeter stretches, the more the scope for security breaches.
The 2019 financial cyberthreat landscape
As financial organisations adapt to this rapidly changing environment, they must be cautious of technology’s role as both enabler and inhibitor of cybersecurity. With so much confidential data increasingly central to the financial ecosystem, for example, the rise of mobile banking applications, the cost of any security breach quickly escalates. An Accenture and Ponemon Institute report showed that cyber-attacks are more costly within the financial services sector than in other industries, with the average cost of a data breach rising by over 40 percent between 2014 and 2017 to $18.28 million per firm.
Coupled with this is the growing intelligence of the cyber-criminals attacking this data while constantly evolving their methods to stay ahead of the game. This is demonstrated by the2018 SonicWall Cyber Threat Report, which reported a 101.2 per cent increase in never-before-seen cyberattacks and malware variants. Criminals are developing increasingly effective weapons like ransomware, IoT malware and TLS/SSL-encrypted malware to target organisations across the globe. The Accenture and Ponemon Institute study revealed denial of services, phishing and social engineering attacks to be among the most costly for financial companies, while those committed by malicious insiders and malicious code take the longest time to resolve. It’s therefore no surprise that, according to Toshiba, 62 percent of Europe’s IT leaders still consider data security to be a key investment priority.
Devices and employees: the first line of defence for finance
Devices are in many cases are the first line of defence for organisations and instances of laptops being lost or stolen on a busy commute, or connected to a coffee shop’s unsecure network, can leave sensitive data exposed.IBM and the Ponemon Institute found that almost half of security breaches involved a malicious or criminal attack, while a further 27 percent were due to the carelessness of negligent employees. Combining the two creates a potent concoction which financial services CIOs need to manage.
It is therefore essential that organisations ensure their security solutions provide a strong foundation to protect sensitive information at both a hardware and network level. Financial services firms should look at devices such as Toshiba’s X-Series that boast biometric features alongside in-built smart data encryption tools. Along with these initial barriers, remote access and wiping tools are important in enabling IT teams to centrally remove files and data from devices, should they land in the wrong hands. Even within an organisation, it is important for individual departments to ensure security and confidentiality for sensitive documents. Central administration tools can grant access rights based on job type and job seniority—for example, restricting sensitive financial information from those sitting outside of that department.
Beyond digital technological solutions, financial services organisations must also invest in training and education to ensure employees are taking the right steps to identify and mitigate potential security attacks, as well as prevent them from happening altogether. Toshiba research also suggests two thirds of organisations want to engage their staff in IT training, in turn ensuring correct and secure usage, ultimately reducing the chances of employee negligence.
The rise of IoT and the mobile edge
The growing adoption of IoT is creating an urgent need for even more stringent data protection policies. Security specialists such as Avast are specifically calling out IoT as a key battleground in 2019 as sophistication in this area increases. As a result, the finance sector needs to consider new and innovative security methods. One such approach is to turn to mobile edge computing, which not only paves the way for IoT to be used in the enterprise operationally, but also ensures that it’s achieved in a secure manner. Such solutions enable data communication to be locally encrypted and translated to a communication protocol before being sent to the company’s network core through the cloud. As we see new IoT-driven solutions such as wearables entering the enterprise, the need to protect the ever-growing swathes of data created by this trend will result in financial dynabook Europe – UK Branchservices placing even more value on mobile edge computing.
For banks and other firms within the sector, security remains the most important element of the IT infrastructure, with the current threat landscape more diverse and testing than ever before. It is essential that such companies constantly stay on top of evolving cyber threats and build strong security fundamentals across their networks, incorporating solutions that future proofs them against the increasingly intelligent methods of cybercriminals. In the age of IoT, this means going beyond protecting the network at its core, but also using robust hardware and edge solutions to nullify the threat across the ever-expanding network perimeter.