Top Cyber-Security Trends for Financial Services

Top Cyber-Security Trends for Financial Services

Is the Threat Intelligence That Banks Generate Useful?

Actionable intelligence is difficult to identify. Combining threat intelligence with other disciplines, like incident response and fraud, is a proven method for connecting data elements to create actionable intelligence, according to Booz Allen.

Mobile Security Platform Weaknesses Are Resulting in New Threats

New threats cause consumers to unwittingly send information to a hacker, who then “owns” the device. The Perkele Trojan, a crimeware kit popular in the Middle East for attacking Android phones, for example, spread globally this past holiday season as online purchases increased.

Developing Countries Will See More Attacks on Local Banks

As Middle Eastern, Latin American and Asia-Pacific countries modernize their economic infrastructures they are appearing as targets on sophisticated attackers’ radars. The Saudi Arabian monetary agency, for example, reports one cyberattack on its banks every 14 seconds.

Mid-Tier Banks and Non-Banking Financial Institutions Are Vulnerable

Unlike large banks, mid-tier and regional banks, wealth management organizations, and hedge funds often lack the financial ability and technological know-how and manpower for widespread cybersecurity. This can create a cascade of systemic risks for all banks.

Firmwide Planning and Preparation Needed

To thwart insider threats, banks need to develop multidisciplinary teams that include IT, human resources, internal communications, marketing and legal to convey to all staff the importance of cyber-risk awareness and what to do if attacked.

NIST Standard Creates Challenges

Financial firms using the NIST framework risk liability if cyber breaches result in valuable data being destroyed or usurped by attackers. But this also prompts the insurance industry to offer policies to help firms offset that liability.

Big Data Demands Data-Level Security

As operational data moves to the cloud, fine-grained security is needed so that banks not only avoid sharing sensitive data but also defend against adversaries snooping in their data sets.

Managing the Transition to the Cloud

Financial institutions can upgrade security architectures and integrate improved controls. Also, they can deploy advanced analytics to cope with enormous volumes of security data to better identify malicious behavior trends.

Collaboration is Key

To better protect an organization’s network system, IT leaders should collaborate with the C-suite to develop a holistic and forward-looking program that transforms their security posture, according to Booz Allen.

Overcome Jargon

Booz Allen also recommends that security professionals “find their business voice” to bridge the language gap between technology, risk management, and cyber-security in order to prepare for the new wave of cyber-attacks.

Redefine the Concept of a Network Perimeter

Accomplish this by “developing a much more dynamic cyber-security approach that includes actionable threat intelligence, advanced adversary hunting as well as data protection and access controls developed at a much greater degree of granularity,” says Booz Allen’s Stewart.