Cyber security in financial institutions: there’s no “one-size-fits-all” approach

Posted by Rudy Mitra on Jun 26, 2019 10:44:03 AM

There has been a lot of disruption in the financial services industry in the last decade. Deloitte’s report, The future of financial services. Impact for Australia, notes:

“Disruption will not be a one-time event. Continuous pressure to innovate will shape customer behaviour, business models, and the long-term structure of the financial services industry.”

And with disruption and innovation comes risk. Factors such as automated data collection, analytics, mobile payments, and personalisation of customer service offerings increase the need for tighter security requirements. No single cyber security solution can completely safeguard you, but layering different security solutions on top of each other greatly reduces the chances of your business being compromised.


Role of the Chief Information Security Officer (CISO)

CISOs have a tough but vitally important job. Not only do they need to keep up to date with the ever-changing technology landscape, they also need to use their influencing skills to gain buy-in and support from the rest of the leadership team.

Utilising technology such as artificial intelligence to automate processes can save human resourcing and increase speed and efficiency, but knowing the unique needs of your business is key when looking to add to your technology stack.

Running defensive capability testing such as Red Teaming is also the domain of the CISO. The objective behind Red Teaming is to identify the most critical component of the business and attempt to gain access to it in the same manner that a real-world attacker would. The Missing Link’s methodology is based on years of malware research and post-attack forensic knowledge to accurately simulate known advanced persistent threat attack behaviour.


Major risks: identity theft and ransomware

Financial institutions take great care to try to minimise identity theft for their customers, but criminals are becoming more sophisticated in their approach. With the arrival of online banking and mobile payments, there is an increased risk for all consumers that their personal details will be skimmed. We see a spike in these scams especially in the lead-up to the end of the financial year.

Ransomware attacks are all too common, and financial institutions are among the most commonly targeted businesses. The WannaCry event that hit the news in 2017 caught out a large number of prominent businesses, including Boeing. Our advice? Pre-plan. It’s easy to get caught in the moment and let emotions drive your response. Pre-planning allows you to logically build out a procedure to be followed in the event of a ransomware attack. It also pays to train your staff regularly about cyber security and what they can do to help avoid falling victim to attackers.

It’s worth treating potential attacks as something that is certain to happen at some point, even if the ‘when’ part is harder to determine, and ensuring your business is properly protected.

If you’re looking to improve the cyber security landscape for your financial services firm, why not book a security assessment today and let our experts guide you towards the best solution for your unique needs?



Rudy Mitra

Digital Marketing Coordinator

