It has been revealed that the number of breaches suffered by the financial services sector has tripled over the past five years. The study, conducted by Ponemon found that the average cost of cybercrime for financial services companies globally has increased by more than 40 percent over the past three years, from $12.97 million per firm in 2014 to $18.28 million in 2017 – significantly higher than the average cost of $11.7 million per firm across all industries included in the study.
Commenting on the news is Javvad Malik, security advocate at AlienVault, who said:
Financial institutions have had to change many business practises and technologies over the years. It’s not an easy or quick process by any stretch of the imagination. In doing so though, many legacy processes and disciplines have simply been lifted and shifted into the digital era. While this may work well for some aspects, such as the convenience of online banking – security hasn’t always been modernised accordingly.
The days of quarterly, or monthly vulnerability scans, or checking of logs once a week are no longer applicable. Speed and agility are of the essence. It’s not necessarily about having a lot of security tools, but having the right tools that are streamlined and can offer broad capabilities to not only protect systems, but more importantly, detect when attacks are occurring as close to the event as possible and orchestrating responses.
Alongside this, it is essential to invest in assurance activities, to validate that the security technologies, processes, and people are working as designed and fit for purpose. Otherwise they run the risk of discovering holes in their systems once an attack has been successful.