It’s no news that the finance and insurance sector is a hot target for cyber attacks. According to the 2018 Verizon DBIR, the financial sector experienced 146 breaches and 598 incidents last year. Attacks on web application authentication mechanisms, denial of service attacks, and ATM payment card skimmers were highlighted as being the most prominent threats, with attackers going after PII, payment card information, and banking information.
ATP groups like MoneyTaker, Carbanak, and Lazarus specifically target the finance sector and are known to have perpetrated hundreds of attacks on banks and financial organizations around the world, including high profile attacks like the $81 million theft from the Central Bank of Bangladesh in 2016.
Given the high pressure on financial organizations and the sensitivity of the data they possess, it’s good news that in a recent survey we did of companies in twelve countries, the financial sector came out as having a high awareness of cyber security and of the threats facing their companies. Financial organizations plan greater increases to their security budget than other sectors. Almost all have used cyber security consulting services, with a focus on improving employee security awareness and on vulnerability assessment.
We also found that financial organizations often prefer to manage their security in-house as products rather than use managed services. They tend to use a greater variety of security brands than other sectors. And 88% of companies either have, are planning to purchase, or are interested in advanced threat protection and detection and response solutions. The awareness has paid off: financial organizations have detected more attacks in the past year than the average across all other sectors.
So while the attacks are unrelenting, the defenders know the threat they are under and they’re fighting back. For more details, download our infographic, “2019 Security Priorities in the Finance Sector.”