Cybercrime: Why FIs must stay vigilant to evolving threats

By : Dena Hamilton

September 19, 2017 12:00 PM

Cybersecurity is now one of the chief concerns for many types of public and private businesses around the world, but particularly those operating in the financial services industry. Banks are entrusted with looking after customers' money and their most sensitive and valuable information, so deploying effective safeguards against cybercriminals and hackers must be a priority.


Because of the trust that customers place in their financial institutions (FIs), it is important that FIs are aware of, and formulate defenses against, the latest cybercrime trends and risks. Recent research has highlighted some positive developments in how organizations are dealing with this threat, as well as some areas of concern for financial services firms in particular.


Self-detected incidents improve, but corporate networks still at risk 
According to the 
2017 Trustwave Global Security Report, which explores a range of cybercrime and data breach trends from 2016, there was an improvement in intrusion detection last year, particularly when breaches were self-detected. Among the hundreds of investigations analyzed, the median number of days from intrusion to detection of the event fell to 49 days, compared to 80.5 days in 2015. For internally detected breaches, the median was 16 days, compared to 65 days for externally detected incidents.


Corporate and internal networks once again experienced the highest proportion of breaches in 2016 (43 percent), followed by point-of-sale (POS) systems (31 percent).


More than half of all the incidents investigated by Trustwave targeted payment card details. Magnetic stripe data (accounting for 33 percent of security compromises) was primarily acquired from POS systems, while card-not-present data (30 percent) mostly came from ecommerce transactions.


Trustwave chief executive officer and president Robert McCullen said: "Cybersecurity in 2016 had both highlights and lowlights. As our data breach investigations and threat intelligence show, attackers continue to evolve their tactics and focus on extreme paydays as cybercrime becomes more like genuine business."


The perils of over-confidence
Businesses are now well aware of the threat posed by cybercriminals and most have taken protective measures, but one of the major pitfalls to avoid - regardless of how many checks, safeguards and security technologies are in place - is overconfidence. FIs in particular should be constantly tracking the latest threats, evaluating their cybersecurity and pinpointing areas that can be improved.


In a recent global survey by digital security firm Gemalto, the vast majority (94 percent) of IT decision-makers said network security - such as firewalls, antivirus software and anomaly detection - kept their organization safe. This is despite the increase in data breaches recorded in 2016, with more than 1.4 billion data records being stolen or lost.


Two-thirds (65 percent) of respondents admitted that, should their network security be breached, they wouldn't feel extremely confident that their data would be safe.


Jason Hart, vice-president and chief technology officer for data protection at Gemalto, said there is a clear divide between "organizations' perceptions of the effectiveness of perimeter security and the reality". He added: "By believing that their data is already secure, businesses are failing to prioritize the measures necessary to protect their data."


An earlier report, published by Capgemini in February 2017, focused on the financial services industry and painted a slightly different picture as far as cybersecurity confidence is concerned. It revealed that only one in five banking executives (21 percent) have a high level of faith in their company's ability to detect a breach. This is despite banks and insurers enjoying a higher level of consumer trust in their cybersecurity measures (83 percent) than any other sector.


From May 2018, all banks operating in the EU or with customers in EU nations will have to comply with the General Data Protection Regulation, one of the key features of which is a requirement for data breaches to be reported to the relevant supervisory authority within 72 hours of identification.


In the US, the Federal Financial Institutions Examination Council has responded to escalating cyber threats by developing the Cybersecurity Assessment Tool. This provides a "repeatable and measurable process" for FIs to assess their cybersecurity standards and identify risks.


Singapore, meanwhile, has released a draft Cybersecurity Bill for public consultation, one of the proposals in which is that critical information infrastructure owners must report security breaches. There could also be a requirement for cybersecurity vendors providing sensitive services to have a license.


Discussing this rising legislative focus on accountability and transparency, Zhiwei Jiang, global head of financial services, insights and data at Capgemini, said the trend provides a "prime opportunity" for banks to "become the digital fortresses consumers believe them to be".

Dena Hamilton

GM/Director, Enterprise Fraud & Security Software Solutions

Other articles by this author

Dena specializes in fraud, risk, compliance and security with over 35 years in the financial services space. Her focus is in the development and deployment of enterprise financial crime solutions optimized in prevention, detection and back office efficiency.