Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.


Cybersecurity and financial services: tackling identity challenges for better online protection

Cybersecurity and financial services: tackling identity challenges for better online protection

By Steve Bradford, Senior Vice President, EMEA at SailPoint  

Cybersecurity and financial services: tackling identity challenges for better online protection

Steve Bradford

As an industry, financial services are significantly vulnerable to cyber-attacks. The Bank of England recently surveyed executives in the UK financial sector, finding that a staggering three-quarters (74%) deemed a cyber-attack to be the highest risk to the financial sector in both the short and long term, followed closely by inflation or a geo-political incident.

This is why financial services companies need to do more to fortify online defences. Preventative measures can safeguard sensitive corporate data from bad actors, and ensure that damage is mitigated when a breach occurs, or even stop it in its tracks completely.

Protecting identity in the digital arena 

One key factor contributing to the ‘make or break’ of a breach is identity. According to a recent study, 84% of all IT security incidents are due to compromised identities. From imitating CEOs, to emails that appear to be from IT support, cyber criminals have learnt to morph into those we trust. They are becoming more and more adept at stealing credentials, conducting social engineering attacks, and ultimately exploiting poor identity security hygiene within enterprises. 

Cyber criminals’ tactics have been aided by the shift to remote work since the pandemic. Today’s hybrid world of work has made it far harder to monitor the enterprise security perimeter – a perimeter that has become the users themselves, as hackers could immediately look to take advantage of multiple user access points. But the office isn’t risk free either. All it takes is a user to click on an unsuspecting phishing link. Any compromised account paves the way for cyber criminals to get their hands on sensitive business information.  

To eliminate these risks, it’s not a question of where an employee works. It’s about what cyber security measures are in place. Using AI-driven identity security provides staff with only as much access as is required to perform their assigned roles and responsibilities – no more, no less. Using AI also speeds and streamlines identity decisions, something crucial given the pace at which businesses – and cyber threats – are evolving. This enables identity teams to move faster and more effectively to spot and stop unnecessary, inappropriate, or potentially compromised access.  

Enhancing financial services’ cybersecurity with AI 

AI can never replace valuable human expertise, but it can augment it by using algorithms as a “force multiplier” to support overtaxed security analysts, identity management professionals, and incident responders, who all need to sort through an increasing amount of information to do their jobs.   

An AI-driven identity security programme also enables organisations to realise both cost benefits and operational efficiency, while evolving and adapting easily and quickly to the increasingly complex environment we’re living in. Yet, nearly half of businesses (45%) are only just starting to prepare for identity-based attacks. Considering the incremental year-on-year cost increase of cybersecurity insurance, growing services, rapid adoption of remote workforce strategy, and onboarding of IoT devices – in addition to easing pressure on cyber security staff – the need for adopting an identity security programme becomes glaringly obvious.   

Tackling the growth of identity challenges in financial services 

The case for identity security is even more pressing given the enormous amount of identity data generated in today’s world, from different users and systems to automated robotic processes. Machines now make up almost half (43%) of all identities in the average enterprise and these are set to grow exponentially in next 3-5 years. There’s so much data that finding any anomalies are a bit like finding the proverbial needle in the haystack.  

Since even the mere definition of an identity has evolved so much, organisations must keep pace. This means ensuring that their identity security programmes are taking this identity type into account when securing access. It’s not just about securing employee access, but contractors, partners, and now software bots too. A lot of organisations aren’t even “there” yet with recognising this identity type as one that needs the same identity security controls as their human counterparts. 

Human or non-human, enterprises must still do two things when it comes to managing these identities: reduce risk through better visibility and drive efficiency through automation. With AI at the foundation of their identity programme, financial organisations can gain better visibility and insight into the specific risks associated with user access. Additionally, these can help automate and streamline identity processes and decisions such as access requests, role modelling, and access certifications, driving greater efficiencies across an organisation. The power of AI will have a significant impact on how organisations manage, control, and secure all types of identity.  

Moving from technology-first to people-first approaches 

With the probability of high-impact cyber events in the UK increasing, financial services companies need to invest in the right technology measures to protect their data properly. Identity security is one important measure that can go a long way in preventing attacks, and automating the process helps reduce stress on overburdened IT security departments.

By approaching technology investment as more than just a tick-box exercise, financial services companies can elevate their defence strategies and be ready for the cybercriminals of 2023 and beyond.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking and Finance Review, Alpha House, Greater London, SE1 1LB, You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post