Thales Blog

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor

September 1, 2022

Marcelo Delima | Senior Manager, Global Solutions Marketing

Organizations in the finance sector manage trillions of dollars and maintain very valuable and vital electronic data, including bank account, credit card, and transaction information as well as sensitive data related to estates, wills, titles, and other matters. That is why criminals have historically focused on this industry, with organized crime evolving into organized cybercrime.

However, all this attention from cyber criminals, as well as from regulators and governments, has produced an extremely resilient industry with some of the best cybersecurity practices of any sector. The 2022 Thales Data Threat Report, Financial Services Edition, outlines the challenges financial services organizations face in securing sensitive data and provides guidance on reducing the risk of attacks such as ransomware, malware, phishing, and denial of service. It highlights the leadership of financial services in cybersecurity relative to other industries, but it also uncovers some surprising chinks in their cybersecurity armor.

Malware and ransomware attacks increase

43% of respondents from the financial services industry reported an increase in the volume, intensity, or scope of cyber-attacks during the past year. 29% of respondents reported a breach at their organization during the past year, which is 4% below the global average. Ransomware and malware were ranked as the leading threat (cited by 59% of respondents), followed by phishing and denial of service, both at 37%, and man-in-the-middle attacks at 31%.

Ransomware’s power comes from the immediate “kidnapping” of data and critical systems, which requires a rapid, rehearsed response plan. While a majority of financial services respondents (52%) have a formal ransomware plan (again four percentage points higher than the global average), a large portion of financial services organizations still does not have a formal response plan for the threat of ransomware.

Remote working worsens the “human factor” weakest link

Unsurprisingly, the “human factor” remains the weakest link in cybersecurity. 80% of respondents from the financial services industry were very or somewhat concerned about the security risks posed by remote personnel. 44% of financial services organizations ranked multifactor authentication (MFA) as the most effective security technology for preventing cyberattacks. At 10 percentage points higher than the overall survey base, this speaks well for the financial services industry’s focus on access control security. However, MFA is not universally deployed: MFA deployment to internal, non-IT employees and staff is 7% lower than average, and deployment to privileged employees and staff is 5% lower than average.

Despite the rising threat landscape and the fact that financial services companies often have a highly distributed infrastructure consisting of retail stores, innumerable IoT devices, and hybrid workforces, they have been slow to embrace a Zero Trust strategy. Only 27% of financial services respondents have a formal Zero Trust strategy and have actively embraced Zero Trust policies.

Banks have turned into hybrid environments

Banks and other financial services institutions have adopted a multi-cloud strategy. According to the survey, 66% of financial organizations use more than 25 SaaS applications, and 72% of them reported using more than one cloud (IaaS) provider.

Nearly two-thirds (62%) of the surveyed businesses stated that they had more than 40% of their workloads and data in the cloud, meaning that the rest of the data is stored and processed on-premises. A majority of respondents (54%) stated that more than 40% of their cloud-based data is sensitive.

Data security challenges

Securing data in a complex hybrid environment is not simple. Hybrid, multi-cloud computing environments are more complex to administer and secure, and usually result in more point data security solutions to manage and coordinate.

36% of financial services respondents reported having five to seven key management solutions, while 23% had more than eight, which is 8% above the global average and one of the highest figures in the survey. That results in higher costs, complexity, and risk for financial services firms while, surprisingly, adding little to the effectiveness of data security.

Half of financial services organizations indicated that 40% or less of their sensitive cloud data is encrypted, a whopping 12% worse than the global average, signaling potentially critical vulnerabilities for financial services organizations when protecting their most precious assets.

Moving ahead

Low encryption rates and overly complex key management procedures, which frequently conflict with one another, contribute to the problem of data loss from breaches. MFA, a crucial security strategy, is developing but isn't yet widely used.

Zero Trust strategies are still popular, especially in remote access and cloud contexts, but a real Zero Trust approach should be equally useful for all users, devices, and workloads, wherever they may be. A Zero Trust approach focused on users and devices outside of the business is a good place to start, but for it to be truly effective, it must be implemented throughout the entire IT infrastructure.

Coming to a shared understanding is a crucial component of setting priorities efficiently and carrying out security projects. When security teams are aligned with the key stakeholders of the business, they can collaborate to effectively solve whatever problems the future brings.

Download the full 2022 Thales Data Threat Report, Financial Services Edition now.