Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Finance

The Biggest Weakness of the UK Finance Sector is Cybersecurity

Cybersecurity in financial services

By Darren Guccione, CEO & Co-founder of Keeper Security

Over recent months, the UK finance sector has been sorely affected by the consequences of Brexit, with cross-European institutions and much of the City of London’s share-trading work now moved to European capitals and future development jeopardised. Work to shore-up business and ensure continuity has occupied the majority of finance chiefs’ mind-share over recent months, and seems set to continue for some time.

Alongside this, Covid-19 has forced an enormous acceleration in digital transformation. Organisations report exponential change. Systems and data within finance – explicitly designed to prevent external access when they were established, needed to be opened up and new ways of working introduced.

This double crisis – Covid and Brexit – has reduced the attention afforded by the finance industry to cybersecurity, it seems, and internet-based criminals smell blood in the water.

New research says seven out of ten financial businesses admitted they’d suffered a cyberattack over the previous 12 months. And nearly three in five of these attacks detected by UK finance firms were made easier because of the remote-working conditions created by the Covid-19 pandemic. There is also anxiety over the use of personal devices to conduct work operations, in some cases a necessary consequence of remote working during the pandemic.

Continual fire-fighting around Covid and Brexit has also led a large number of businesses to stop planning for cybersecurity emergencies – or not start that planning to begin with. A worrying half of finance leaders in the UK do not have what even they consider an ‘adequate’ cyber-incident response plan in place.

Small steps can also be giant leaps

But remote working is not inevitably insecure. Security can always be tightened through the right practices, tools and policies.

Rapid progress towards a more secure business can be made by picking the low-hanging fruit. Overwhelmingly, passwords are a point of weakness that can be made stronger with simple, yet effective changes. The vast majority of data breaches are caused by successful password attacks. And I suspect we all know why.

Typical professional workers need to be able to produce around 85 passwords or more on a regular basis, between their work and home accounts. No normal person can remember even a fraction of that number and, if they have memorised more than a few, it’s because they’ve developed some sort of “special system” – whereby all their passwords are strikingly similar. Otherwise, they’re engineered for human frailty. If you ask most people to produce a password including 8 alphabetical characters, 4 numerals and a special character, the typical response will be ‘password1234!’.

An enterprise-ready password manager is easily deployed, is simpler for users than remembering passwords, and is relatively inexpensive in relation to its impact. Good solutions generate passwords with high entropy, using technology that requires neither the user, nor the provider, to remember the password. Coupled with other relatively simple measures, often built into leading operating systems, the most common malicious routes to accessing sensitive information can be closed down.

The last year has created considerable changes to working life, and security has not always been front of mind. Twelve months on, this needs to be urgently addressed and the UK finance industry needs to be especially cautious, given the attractiveness to cyber criminals of the wealth of data it possesses.

A reliable security infrastructure is more crucial than ever as UK financial service providers battle for business outside the EU’s single market in the wake of Brexit.

Without rigorous security in place, finance firms are putting their operations and potentially, client information at risk. A single successful cyberattack is enough to destroy the reputation of an entire business. As we continue to navigate the work landscape of 2021, financial companies should act now to invest further in cybersecurity strategies and technology before it’s too late.

Global Banking and Finance Review Awards Nominations 2022
2022 Awards now open. Click Here to Nominate

Advertisement

Newsletters with Secrets & Analysis. Subscribe Now