Financial Sector Cyberattacks Rising with Bad Actors Raking in the Dough
Cyberattacks cost financial sector companies more than those in other sectors.
Financial sector cyberattacks are escalating as cybercriminals see this vertical as an especially lucrative target.
That’s according to “Cybersecurity in the Remote Work Era: A Global Risk Report” by Keeper Security. Seventy percent of financial services organizations reported experiencing a cyberattack in the past 12 months. That’s a 20-point increase compared to 2019.
Over the past year alone, financial organizations suffered from credential thefts (64%), general malware (53%) and account takeover (43%). Given the uncertainty of the pandemic, more than half of organizations have experienced an attack that specifically leveraged COVID-19 as a threat vector.
Mark Cravotta is Keeper Security‘s chief revenue officer.
Keeper Security’s Mark Cravotta
“The monetary factors always stand out,” he said. “Cyberattacks cost financial companies, on average, 75% more than brands in other sectors, $4.7 million vs. $2.7 million respectively. Compared to last year, the average price tag from disruption of normal business operations increased by more than 150%.”
Some Improvement
Seventy-nine percent of businesses in the financial sector say they have an incident response plan in place. This is a 26-point increase compared to 2019. That puts the industry in a good position for protection and improvement for the future, according to Keeper Security.
The entire world was forced to digitally transform last year, Cravotta said. That left financial companies with security gaps that made them easy targets, and therefore more vulnerable to financial sector cyberattacks.
“In a fully remote workforce, the most vulnerable endpoints or entry points to an organization’s networks and enterprise systems are found to be laptops (54%), mobile devices (50%), smartphones (45%) and cloud systems (43%),” he said. “Securing these devices must be a top priority for organizations. This means using multifactor authentication (MFA), educating employees about social engineering attacks and reiterating the importance of password hygiene.”
Insufficient budget is the biggest factor that keeps a financial organization’s IT security from being fully effective. That’s followed by a lack of clear leadership and lack of understanding how to protect against cyberattacks.
Only three in five (60%) finance organizations have a policy in place with security requirements for teleworkers. These include promoting password hygiene, requiring authentication methods and protection of employees’ personal devices when used for business activities.
“Taking even the simplest precautionary steps can create a more secure environment, like using two-factor authentication and password management systems, and help mitigate even the most brutal attacks to networks,” said Darren Guccione, Keeper Security‘s CEO.
About the Author
You May Also Like