March 27, 2017, 8:40 pm
Facebook iconTwitter iconYouTube iconGoogle+ icon

Banks spend 3 times more on security than non-financial businesses

FINANCIAL institutions are under pressure to ramp up security, with trends such as the increased take-up of mobile banking putting banks’ IT infrastructure defenses at growing risk of cyber-attack. 

Increasingly, customers are playing an important role in highlighting security incidents, with a quarter (24%) of financial institutions saying that some of the threats they faced in 2016 were identified and reported to them by a customer.

According to the Financial Institutions Security Risks research from Kaspersky Lab and B2B International, security investment is a high priority for banks and financial institutions. Suffering from attacks both on their own infrastructure and on their customers, retail banks spend three times as much on IT security as comparably sized non-financial institutions. 

Moreover, 64% of banks admit that they will invest in improving their IT security regardless of the return-on-investment, in order to meet the growing demands of government regulators, top management and even their customers. 

Despite banks putting serious efforts and budgets into safeguarding their perimeters against known and unknown cyber-threats, protecting the breadth of IT infrastructure that now exists – from traditional to specialized, ATMs and Point-of-Sale terminals – has proved difficult. 

The vast and ever-changing threat landscape, coupled with the challenge of improving the security habits of customers, has provided fraudsters with ever more points of vulnerability to exploit.

Emerging risks related to mobile banking are highlighted in the report as a trend that can expose banks to new cyberthreats. 42% of banks predict that an overwhelming majority of their customers will use mobile banking within three years, but admit that users are too careless in their online behavior. 

The majority of the banks surveyed admitted (46%) that their customers are frequently under attack from phishing attempts, with 70% of banks also reporting financial fraud incidents as a result, leading to monetary loss. 

Rising phishing and social engineering attacks on customers have seen banks reassess their security efforts in this area. 61% of respondents see improving the security of apps and websites that their customers use as one of their main security priorities, closely followed by the implementation of more complex authentication and verification of log-in details (a key priority for 52%).  

Although they are vulnerable to the phishing tricks and tools that target their customers, banks are still more concerned about another ‘old enemy’ – targeted attacks. And they’ve got good reasons to be worried – targeted attack methods are becoming more common-place, with malware-as-a-service platforms even being used to harm financial organizations. 

Experience of real incidents shows us that investments into security in the financial industry are well worth it in most cases – financial institutions report significantly fewer security events than companies of the same size in other industries - with the only exception of targeted attacks and malware. The detection of abnormal, potentially malicious activity, combining legitimate tools with fileless malware, requires a combination of advanced anti-targeted solutions and extended security intelligence. Still, 59% of financial firms are yet to embrace third-party threat intelligence. 
Rating: 
No votes yet
Twitter icon
Facebook icon
Google icon
LinkedIn icon
Pinterest icon
Reddit icon
Yahoo! icon
e-mail icon

Column of the Day

Duterte immobilized

By DODY LACUNA | March 24,2017
700 View(s) 0 Comment(s)
‘He should deter the AIDS outbreak victimizing the youth whom he has pledged to protect always.’

Opinion of the Day

Reviving Laguna de Bae (2)

By DAHLI ASPILLERA | March 27, 2017
318 View(s) 0 Comment(s)
‘Industry and residents must be disciplined; penalized. “We are doing all these for the local subsistence fishermen.” – Jaime Medina, LLDA general manager.’