According to the Financial Conduct Authority, financial services companies in the UK saw a fivefold rise in data breaches in 2018 compared with the year before. So, as the cyber threat to financial institutions (FIs) grows, will organisations reach the point where the risk level is out of control? Caroline Paddle, director, Skybox Security, gives her predictions about what we can expect in terms of financial services cybersecurity over the next 12 months.
Coping with cloud misconfiguration: Cloud as a platform is being brought in to deal with the increase in big data, build out banking platforms, and improve operational efficiency. FIs are particularly attracted to how quickly cloud services can be spun up, but the race to deploy new cloud services is leading to security being side-lined and more new risks being introduced through misconfigurations of access points. These types of risks are likely to proliferate over 2020 unless FIs ensure that security underpins all cloud initiatives.
Given cloud’s infancy, banks are struggling to understand the required security standards and how to achieve complete network visibility. Worryingly, Skybox Security’s 2019 Cloud Trends Report found that the number of reported vulnerabilities affecting cloud IaaS is likely to increase by 50 percent over 2018 figures by the end of 2019.
In 2020, we are going to see financial organisations forced into a position where they have to ramp up their network audits and tidy up their firewalls in order to manage new cloud risks. In order to enact real change, however, CISOs will need to ensure that the security of cloud services is seen as much more than a surface-level concern.
Third parties will go under the microscope: Paul Williams, senior technical advisor, operational risk and resilience at the Bank of England (BoE), recently said that monitoring third parties’ cybersecurity is a growing concern for banks. If banks don’t have full control over all ingress and egress points, they could be leaving their critical infrastructure worryingly exposed.
Third parties are already fragmenting banks’ security environments, and as this trend looks set to continue, the pressure on security teams to gain full visibility over their sprawling infrastructure will only increase. Over the coming year, financial organisations will look carefully at their APIs and build out their security architectures so that they have a greater understanding of the risks posed to them.
Dealing with the tech debt: There is an incredible amount of legacy technology still being used by financial organisations. The ATM industry is particularly at risk because a majority of its operating systems rely on Windows 7, for which Microsoft support ends in January 2020.
More generally, banks are looking to deploy new controls on top of their old systems – so how can they protect this growing web of ageing technology? Banks must take the time and effort to build security into their transformational activity. It’s critical that they look at how they protect their current environment and build up their resilience.
Resurgence of ransomware: We came into 2019 fearing the rise of cryptominers. As the value of cryptocurrency has declined, so has the use of this once-dominant malware. Criminals are always chasing the money, which is why they’re turning back to heavier use of ransomware and botnets. To deal with these attacks, FIs need to improve their operational resiliency. Currently, too many organisations are slowed down by their bloated assortments of point products. In 2020, many will be looking to consolidate their cybersecurity solutions.
In order to fend off the rising botnet threat, they need to be able to integrate multiple systems and normalise that data to build an intelligence-driven view of their entire estate. Without this insight, it will be incredibly difficult for them to spot these attacks and almost impossible to remediate their most exposed vulnerabilities first.
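The paragraph above describes the principle but not the mechanics: findings from several tools have to be pulled into one schema, deduplicated, and then ranked by how exposed the affected asset actually is, so that the fix queue is ordered by risk rather than by which scanner reported first. The following is an added illustration written for this page, not code from the article or from Skybox Security. The two scanner feeds, the field names, the asset inventory and the weighting rule are all constructed assumptions; the vulnerability identifiers are placeholders.

```python
"""Normalise vulnerability findings from two feeds into one schema and rank
them by exposure so the most exposed issues are remediated first.

Everything here is constructed for illustration: scanner formats, asset
inventory and the exposure weighting are assumptions, not any vendor's API.
"""
import csv
import io
import json
from dataclasses import dataclass

# Constructed feed 1: a hypothetical JSON scanner export with a numeric CVSS score.
SCANNER_A_JSON = json.dumps([
    {"host": "web-01", "vuln": "VULN-PLACEHOLDER-1", "cvss": 9.8, "port": 443},
    {"host": "db-01", "vuln": "VULN-PLACEHOLDER-2", "cvss": 7.5, "port": 5432},
])

# Constructed feed 2: a hypothetical CSV export that only gives a severity word.
SCANNER_B_CSV = """asset,vuln_id,severity,service
web-01,VULN-PLACEHOLDER-1,critical,https
atm-gw-02,VULN-PLACEHOLDER-3,high,smb
"""

# Constructed asset inventory: which hosts face the internet and which run an
# operating system that is out of vendor support (the Windows 7 case above).
INVENTORY = {
    "web-01": {"internet_facing": True, "unsupported_os": False},
    "db-01": {"internet_facing": False, "unsupported_os": False},
    "atm-gw-02": {"internet_facing": False, "unsupported_os": True},
}

# Map severity words from feed 2 onto the numeric scale used by feed 1.
SEVERITY_TO_CVSS = {"critical": 9.5, "high": 8.0, "medium": 5.5, "low": 2.5}


@dataclass(frozen=True)
class Finding:
    asset: str
    vuln_id: str
    cvss: float
    sources: tuple  # which feeds reported this (asset, vuln) pair


def parse_scanner_a(raw_json: str) -> list:
    """Translate feed 1's field names into the common Finding schema."""
    return [Finding(r["host"], r["vuln"], float(r["cvss"]), ("scanner_a",))
            for r in json.loads(raw_json)]


def parse_scanner_b(raw_csv: str) -> list:
    """Translate feed 2's CSV rows, converting severity words to numbers."""
    rows = csv.DictReader(io.StringIO(raw_csv))
    return [Finding(r["asset"], r["vuln_id"],
                    SEVERITY_TO_CVSS[r["severity"].lower()], ("scanner_b",))
            for r in rows]


def normalise(*feeds) -> list:
    """Merge findings across feeds: one record per (asset, vuln_id), keeping the
    highest score seen and remembering every source that reported it."""
    merged = {}
    for finding in (f for feed in feeds for f in feed):
        key = (finding.asset, finding.vuln_id)
        if key in merged:
            prev = merged[key]
            merged[key] = Finding(prev.asset, prev.vuln_id,
                                  max(prev.cvss, finding.cvss),
                                  prev.sources + finding.sources)
        else:
            merged[key] = finding
    return list(merged.values())


def exposure_score(finding: Finding, inventory: dict) -> float:
    """Weight the raw score by asset context (constructed rule): internet-facing
    assets count double and unsupported operating systems add a point."""
    asset = inventory.get(finding.asset, {})
    score = finding.cvss
    if asset.get("internet_facing"):
        score *= 2
    if asset.get("unsupported_os"):
        score += 1
    return round(score, 2)


def prioritise(findings: list, inventory: dict) -> list:
    """Return (asset, vuln_id, exposure_score) tuples, most exposed first."""
    ranked = [(f.asset, f.vuln_id, exposure_score(f, inventory)) for f in findings]
    return sorted(ranked, key=lambda t: t[2], reverse=True)


def build_fix_queue() -> list:
    """Run the full pipeline on the constructed feeds."""
    findings = normalise(parse_scanner_a(SCANNER_A_JSON), parse_scanner_b(SCANNER_B_CSV))
    return prioritise(findings, INVENTORY)


if __name__ == "__main__":
    for asset, vuln, score in build_fix_queue():
        print(f"{score:>6}  {asset:<10} {vuln}")
```

The point of the weighting step is that the same CVSS 9.8 finding on an isolated database and on an internet-facing web tier should not sit at the same place in the queue; the inventory, not the scanner, is what says which one is actually reachable. In practice the inventory would come from the firewall and network model rather than a hard-coded dictionary, and the merge step is where findings from overlapping point products collapse into a single record.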
What about people and processes? It’s a fact that financial companies struggle to retain talent in their cybersecurity teams, and this is compounded by the ongoing cybersecurity skills crisis. Consequently, there aren’t enough people to carry out vulnerability patching properly, particularly within organisations that still use manual processes as standard.
Over 2020, FIs will have to find new ways to use their existing resources more effectively. This may be through automating more processes, realigning workloads based on deeper threat intelligence, consolidating activities, breaking down silos, or a combination of any of these strategies.