By Caroline Paddle, director, Skybox Security
The cyber threat to financial institutions is growing at a staggering rate. The Financial Conduct Authority recently reported that British financial services companies saw a fivefold rise in data breaches in 2018 compared with the year prior. As the number of threats continues to increase, a stark reality is setting in for a number of financial institutions (FIs): if they’re currently not confident in their ability to manage their current threat level, they might soon find themselves staring over the cliff face.
The story of cybersecurity within the financial services industry for 2020 will be one of FIs placing greater scrutiny on their existing security environments, reining in their focus to ensure that they have the strongest foundations to help them weather the ensuing storm.
Security of third-party environments will be tightened
Monitoring third parties’ cybersecurity is a growing concern for banks, one echoed in a stark warning given earlier in 2019 by Paul Williams, senior technical advisor of operational risk and resilience at the Bank of England (BoE). Of course, it’s only logical that if a bank doesn’t have full visibility of all its network entrance and exit points, it is putting its entire infrastructure at huge risk. Third parties are already dividing banks’ security environments, and this isn’t likely to end soon.
The mounting pressure on FIs to achieve a complete understanding of their vast network infrastructure, and to secure their increasing portfolio of third-party environments, needs to at least be somewhat resolved in 2020. To deal with this issue, it’s necessary for FIs to meticulously investigate their APIs and consolidate their security architectures so they have an improved awareness of the risks that face their business.
Cloud misconfiguration will cause confusion
Banks have welcomed cloud technologies with open arms. Cloud as a platform is now being used to cope with the surge in big data, improve operational efficiency and develop banking platforms. FIs are especially interested in how rapidly cloud services can be integrated alongside existing operations.
However, as banks try to roll out cloud services as quickly as possible, security is being deprioritised in the rush to spin up new IaaS cloud environments. This has resulted in fresh risks being created through access point misconfiguration. If FIs don’t make sure that security underpins all cloud initiatives, it’s likely that the propagation of these types of risks is only going to increase next year.
As cloud is a comparatively new tech, banks are still grappling with how to achieve complete network visibility and comply with necessary security standards. Confusion around how to secure cloud is no excuse, however, for deploying insecure cloud services. FI security teams need to work with DevOps to establish a better way of working that eliminates the possibility for misconfiguration, and they need to do so quickly: the number of vulnerabilities reported which affect cloud IaaS is likely to increase by 50 percent over 2018 figures by the end of 2019, according to Skybox Security’s 2019 Cloud Trends Report. To manage emerging cloud risks in 2020, we are going to see financial organisations pigeonholed into a position where they have to bolster their network audits and tidy up their firewalls.
Tech debts are dealt with
Financial organisations are constantly being held back by their often-archaic legacy technology. One sector that will be especially vulnerable in 2020 is the ATM industry. This is because a bulk of their operating systems rely on Windows 7, an operating system that will no longer be supported by Microsoft from January 14th.
To move forward with their digital transformation plans, banks have to continue to deploy new controls on top of their old systems. For security teams to cope with the increasing complexity of their aging infrastructure, they must endeavour to embed security within their transformational plans. It’s imperative they look at how they protect their existing environment whilst simultaneously bolstering their security measures.
Processes and people play a part
Banks aren’t immune to the ongoing cybersecurity skills crisis. But as they fight to keep members of their security team on board, there is an absence of staff to keep on top of basic tasks such as vulnerability patching. Despite endeavours to use technology to more effectively manage these tasks, there is still a surprising over-reliance on manual processes throughout the sector.
Throughout 2020, FIs will need to find fresh means of utilising their existing resource more successfully. This can be achieved through readjusting workloads based on detailed threat intelligence, automating more processes and with greater frequency, consolidating activities, combatting organisational silos, or a combination of these tactics.
Ransomware rises again
The propagation of cryptominers was a primary concern for many FIs at the beginning of 2019. But as cryptocurrency has declined in value, so too has the popularity of mining malware. Criminals are profit-driven, and the most profitable tactics for them now are their old favourites: botnets and ransomware.
In response to this threat, banks must prioritise operational resiliency. Right now, many organisations are encumbered by a bloated collection of point products. To increase efficiency and better deal with the changing threat landscape, many are seeking to consolidate their cybersecurity solutions in 2020. To tackle the imposing threat of botnets, systems should be amalgamated, and data normalised to form an intelligence-driven understanding of the complete network. To spot these attacks and remediate their most exposed vulnerabilities, banks need to have this insight.
2020 isn’t going to be easy for CISOs operating in the financial services sector. Only time will tell if the sheer volume of threats and attacks knocking at their door gets too much to handle. As talent remains scarce and threats multiply, banks must be sure to invest in the technology that can keep them abreast of the most critical security issues facing their organisation.