Financial Services Firms Need Comprehensive Cybersecurity to Prosper and Grow
Financial services firms have always been a top target of cybercrime, but today the threat is greater than ever. According to a report released by IBM X-Force, firms in the financial services industry are attacked at nearly twice the rate of companies in other industries. Why? Hackers are simply following the money. According to the 2017 “Data Breach Investigations” report by Verizon, 96 percent of the cyberattacks against financial firms were motivated by financial gain.
Compounding this challenge is the fact that most firms are increasing their reliance on technology. For each new digital technology, intruders have a new means to infiltrate the network and steal valuable data. Mobile apps, off-premises employees, cloud computing, and unauthorized “shadow IT” are some of the vulnerabilities that hackers can now exploit to infiltrate networks, none of which existed as a major source of cybersecurity risk a decade ago.
Let’s look at the most pressing cybersecurity issues facing small- and medium-sized financial institutions today.
The Rise of Malware and Crime as a Service
Malware is becoming easier to create and spread. Although ransomware attacks captured the big headlines in 2017, they are just one part of a new, commodified approach to spreading viruses, trojans, and other harmful applications that’s known as Crime-as-a-Service (CaaS).
In the CaaS model, experienced virus makers invent new malware variants, which less experienced hackers can use to attack companies. In return for their services, the virus maker will either charge a flat fee or take a commission based on the success of the attack. The most professional of these kits feature a user-friendly interface, a robust set of features and tools, and even technical support, allowing novice hackers to infiltrate or steal data from unprepared financial firms with relative ease.
The Challenge of the Insider Attack
Just as the name implies, an insider attack is a cybersecurity threat that originates inside your organization. Insider threats may come from a disgruntled employee, or someone who gets tempted by outside influences or bribes. It may also be an employee who inadvertently leaks their credentials or company data to a malicious third party.
Different financial institutions have their own unique vulnerabilities when it comes to insider threats. Retail banks, for example, may struggle with finding and keeping part-time tellers. A teller who feels underpaid, works with the constant threat of armed robbery, and routinely deals with tense customer interactions is a perfect target for hackers or organizations seeking inside information. For these low-level employees, selling something as seemingly innocuous as a network credential for a few thousand dollars can be an attractive proposition.
Skilled employees can also be the source of an insider attack, as in the case of financial planning company Ameriprise. When an adviser connected a networked storage device to his home network, he exposed hundreds of investment portfolios, worth tens of millions of dollars, to the public. In this case, the leak was identified by a beneficent cybersecurity analyst before any damage was done, but such a mistake has the potential to do enormous, even irreparable harm to a financial firm like Ameriprise.
In general, the damage caused by insider attacks is growing at an alarming rate. According to a 2018 study by the Ponemon Institute called “2018 Cost of Insider Threats: Global,” the cost of a single incident reached $8.7 million, a dramatic increase from just over $4 million only two years ago.
A Poorly Trained Workforce
Experts ranging from our nation’s first CISO, Greg Touhill, to John Clay at Trend Micro agree that employees who fail to follow cybersecurity best practices are one of the most pressing cybersecurity threats to financial firms and other businesses.
While IT security investment is crucial, it can’t protect a firm whose employees lack the education to play a first-line role in the broader security posture. To stop an attack at the earliest possible stage, it’s important employees are educated about the basics of digital hygiene like password maintenance, as well as more advanced topics like how to ensure data security in a distributed network environment. This training should also build an awareness of the social engineering tactics and techniques that resourceful hackers employ to gain privileged network access.
How Astute Technology Management Prepares Financial Firms
The security team at Astute Technology Management works with its clients to plan and implement comprehensive cybersecurity strategies that minimize the risk of a damaging cyberattack, whether these threats originate inside or outside of the organization. We have years of experience building out cybersecurity strategies that are based on industry-standard frameworks, such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook. These frameworks provide a valuable starting point to build a robust security strategy and can help your firm establish a baseline security capability that covers best practices in the five major areas of information security: identify, protect, detect, respond and recover.
All our cybersecurity engagements start with a thorough assessment of an organization’s existing network and applications via a Network Assessment. During this assessment, we’ll review your existing strategy and network architecture, data governance policies, validation controls, and monitoring systems to locate possible blind spots or areas of strategic importance that you might have missed. After our assessment, the team from Astute Technology Management will start developing a comprehensive roadmap to secure your network endpoints, both on- and off-premises. This process, coordinated with a little assistance from your staff, is rooted in a thorough understanding of a firm’s business goals and long-term operational objectives, as well as our many years of experience providing cybersecurity services to financial firms.
Once we’ve developed and implemented an optimized security strategy, we support each of our clients in an ongoing strategic partnership role, updating their security systems based on the latest developments in the information security field. This ongoing support may also include staff training that prepares them to play an active role in your firm’s security.
Don’t Risk Your Reputation with Poor Cyber Security
Gone are the days when small financial firms could reasonably expect to fly under the radar. Hackers have gotten wise to this laissez-faire attitude, which is why smaller firms are being targeted for cybersecurity attacks at a much higher rate than before. After all, from a hacker’s perspective it’s far easier and more lucrative to successfully infiltrate three smaller firms than to spend the time on one major “score” that may or may not yield a pay-off.
For this reason, we strongly advise that financial firms throughout Ohio take the time to devise a cybersecurity strategy that minimizes the catastrophic financial and reputational losses that occur with a cybersecurity breach. We’re happy to provide our expertise to firms who recognize the importance of vigorous cybersecurity and look forward to working with those firms as a trusted partner, ensuring they stay on the path to sustained security and prosperity.