Connect with us


Warning on Financial Services approach to security as cyber breaches rise

Warning on Financial Services approach to security as cyber breaches rise

Over four in ten businesses experienced a cyber-security breach over the last year, according to The Government’s Cyber Security Breaches survey.

Investment in cybersecurity by finance and insurance firms in the last year reached a total of £17,900, and 51 percent of businesses have implemented all of the five basic technical controls listed under the Government endorsed Cyber Essentials scheme.[1]

But this is not enough to keep modern IT systems secure, according to financial technology experts World Wide Technology. Changes to the way financial services use technology means that information cannot simply be kept on a closed system and protected from external threats by a firewall. Data is now shared between thousands of locations. Multiple third parties, such as credit ratings interbank payment services, need access to this data to provide their services. It is also shared with employee and customer devices through mobile banking apps and bring-your-own-device schemes. This makes IT systems much more open to attack and requires a fundamental rethink in approach to security.

Nick Hammond, Lead Adviser for Financial Services at World Wide Technology, comments: “The way data use has changed in recent years has made companies much more vulnerable to cyber breaches.

“Data-sharing between multiple devices and third parties is important for the way we bank today, but it poses a pressing security challenge for protecting this data. It is no longer possible to draw a perimeter around the whole system, so instead each individual application has to be protected, and only allowed to share data with other applications which need it.

“But the sprawling, interdependent nature of modern financial IT infrastructures means creating this is often easier said than done. Over the years, IT architectures have become a patchwork of updates, changed by various different teams without visibility over the entire system, creating many complex interdependencies.

“This means that trying to isolate one application and secure it can mean another one stops working. For example, e-commerce systems often rely on credit card databases to work, and would stop working if the communication between the two was cut off.

“If they are to tackle threats of cyber breaches in a future-proof way, financial services firms need a bespoke security policy that traces every interdependency within their systems and adapts protection policies to fit the complexities of the system.”

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate


Newsletters with Secrets & Analysis. Subscribe Now