Connect with us




The costs associated with cyberattacks on the financial sector are rising as organisations face increasingly sophisticated threats. New research [i] by Kaspersky Lab and B2B International reveals the scale and impact of attacks, with financial firms facing losses of over half a million pounds (£742,003) on average for each cybersecurity incident they face.  

The staggering figure is revealed as part of Financial Institutions Security Risks 2016, a survey of finance professionals highlighting the main security challenges for banks and financial institutions around the world and the financial costs of specific cyberattacks. The most-costly type of incident for financial organisations are threats that exploit vulnerabilities in point-of-sale (POS) systems, in which an organisation typically loses £1,658,161. Attacks on mobile devices are the second most costly (£1,314,933), followed by targeted attacks (£1,045,697).

Compliance is the main driver for increasing investment in IT security in banks and financial institutions. However, the study found that 61 per cent of UK organisations believe that being compliant is not enough to be secure. Another significant reason for spending more on security is growing infrastructure complexity. For example, an average financial firm adopts virtual desktop infrastructure (VDI) and manages approximately 10,000 end user devices with roughly a half of them being mobile smartphones and tablets.

Insufficient internal expertise, top management directives and business expansion are also among the top reasons for a budget increase. In general, investing more in security appears to be inevitable to a clear majority of financial firms as 82 per cent of them expect an increase in their IT security budgets.

David Emm, principal security researcher at Kaspersky Lab commented:“It is not surprising that financial organisations are looking to increase spending on security, given the substantial potential monetary losses from cyberattacks. Successful security strategies lie not just in spending on compliance, but in a multitude of cyber security solutions to minimiseunauthorised access. This includes paying more attention to personal security awareness, getting better insights on the industry-specific threats and investing more in protection from advanced targeted attacks.”

The study shows that UK financial firms seek to address security challenges by getting more threat intelligence and conducting security audits, with 75 per cent considering this measure effective. However, organisations from the financial sector are less inclined to use third-party security services with only 52 per cent of those surveyed perceiving it as an effective approach.

Kaspersky Lab’s experts recommend five key considerations for security strategies adopted by financial organisations in 2017.

  1. Beware of the targeted attacks

Targeted attacks on financial organisations are likely to be conducted through using third parties, or contractors. These companies can often have weaker or no protection at all and can be used as an entry point for malware or a phishing attempt.

  1. Do not underestimate less sophisticated threats

Fraudsters can strike at mass and benefit from the scale using simplest tools. Social engineering might contribute to 75 per cent of fraudulent incidents while only 17 per cent could be caused by malware.

  1. Do not pick compliance over protection

Budgets are usually allocated in favor of compliance, but strengthening security and introducing new protection technologies requires a more balanced approach to the allocation of resources.

  1. Do regular penetration testing:

Unseen vulnerabilities are real nevertheless. With implementation of sophisticated detection tools and penetration testing, vulnerabilities and incidents will emerge. Ensure your eyes are open to all weaknesses and threats – before it’s too late.

  1. Pay attention to insider threats

Employees can be exploited by cybercriminals — or decide to become ones. Effective security strategies should go beyond perimeter protection to include techniques that can detect suspicious activity within organisations.

To learn more about financial organisations’ losses from security incidents and effective security strategies to fight them, along with some other findings from the report by Kaspersky Lab, read our blogpost.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate


Newsletters with Secrets & Analysis. Subscribe Now