Post-Pandemic Technology & Cyber Security Trends in Banking – Part 2
In this second part of our review of key cyber and security-related technology trends in banking in the post-pandemic world, we look at the top cyber threats targeting banking and financial services organisations in 2021. We also look at some of the emerging cyber technologies being adopted and considered by banking and financial services organisations around the world.
Over the last decade, cyber attacks have become an ever-growing threat for banks. Technology has advanced rapidly and threat actors have learned that banks are a lucrative target. Threat actors have evolved their techniques to make it difficult for any company to fend off the attacks. Cybersecurity is not an issue limited to industries involving technology only. It holds a critical value in banking since banks make millions of transactions each day, most of which are done on digital payment platforms. Without solid cyber security measures in place, your bank’s sensitive data could be at risk.
Top 3 Cyber Threats to Banks and Financial Services
Rather unsurprisingly, the top three cyber threats in banking and financial services have remained pretty much the same for the last 5 years:
Whether willful or negligent compromise of company data and intellectual property, insider threats remain a top concern for the banking and financial services sector. This is not just because of the reputational and operational damage that might result from an insider threat event, but also the regulatory pressure that will almost certainly follow an insider data breach.
If anything, Ransomware attacks have increased in recent years and while many banks and financial services organisations may have adequate security controls in place to address the threat, there is always the fear of operational disruption and reputational damage should an attack be successful.
Elasticito’s belief is that ransomware attacks on key third parties pose a significant risk to banking and financial services companies, not least because an ever-increasing amount of sensitive data is being shared with external parties. Greater cyber risk assessments and monitoring of ransomware risk with third parties, will be a critical risk management requirement over the next five years.
Phishing and Social Engineering
While phishing and social engineering have been on the threat landscape for some time, it is the adoption of mobile apps for core banking and other services that has made this threat even harder to curtail. Unofficial app stores with replica banking apps that are designed to trick customers into sharing their data, have proliferated in recent years. This is particularly a concern in the Android ecosystem, where app stores are able to operate in addition to the official Google Play store.
It is a similar story for clone Facebook, Instagram, Twitter and other social platforms. This means that information security threat intelligence teams will have an increasingly uphill struggle to identify and take down malicious or fraudulent sites and social accounts. It is however, becoming somewhat of an arms race and the criminal only needs to be successful once to make it his/her while.
Adoption of Security-Related Technology Solutions in Banking
While the table below is not an exhaustive list of emerging and maturing security technologies in Banking, it does represent some of the key technologies that Elasticito sees its banking and financial services customers considering or deploying.
In Horizon 1 (the current time period/financial year), we break down technology deployments into ‘at scale’ deployments and niche/departmental deployments.
Unsurprisingly, given the top three cyber risks of phishing, ransomware and (negligent) insider threats and the focus on human vulnerabilities, we see continued focus on cyber awareness training, Multi-Factor Authentication, Endpoint/Extended Detection and Response (EDR/XDR) and Data Loss Prevention (DLP) solutions. User behaviour analytics to spot early warning signs of abnormal user behaviour also forms part of this strategy. Cyber Threat Intelligence (CTI) monitoring solutions are also being deployed at scale in the current time period.
As digital transformation continues and banks and financial services organisations increasingly look to third parties to help them deliver core services, more and more data is being shared with external parties. This has led to increased scrutiny of digital connections with third parties with cyber risk assessments and monitoring forming a core part of this. Privileged Access Management solutions are also being widely deployed to restrict user access to sensitive and critical systems. As DevOps increasingly look to make use of containers and orchestration environments, like Kubernetes, development workloads are increasingly being assessed for vulnerabilities and mis-configurations.
In Horizon 2 (looking forward to the next year/time period), many banks and financial services organisations have been running tests and proof of concepts for emerging security technologies, like Security Validation, which aims to simulate offensive attack methods in order to test the effectiveness of security controls, cyber risk quantification – translating complex cyber risk into language that non-technical business executives can understand, as well as innovative initiatives like Zero Trust Networks and Application Isolation.
In Horizon 3, we see a number of promising emerging security related technologies that are on the medium term radar for financial services organisations. Some of these include areas like risk-based vulnerability management. Some organisations have already deployed early iterations of these solutions, aimed at helping security teams to not focus on fixing all vulnerabilities, but to identify and fix the highest priority vulnerabilities; particularly in network segments where security controls are potentially weakened.
At Elasticito, we speak with many CISOs from across Europe and one common request we hear is for a usable ‘CISO Dashboard’ or a central reporting interface. To some, this may seem like an unobtainable dream, but there are some interesting concepts emerging at the moment that aim to deliver accurate management information to help CISOs to manage the effectiveness of their team and to communicate to the Board and management team.
Lastly, and possibly the item that has the potential to cause the biggest impact over the next five years, is the emergence of Microsoft as a significant player in the enterprise security space. Deployments of Microsoft’s Azure Sentinel SIEM and Defender tools for endpoints and servers as well as other Microsoft tools, will increasingly be selected and deployed within mid market organisations, as Microsoft’s partners and enterprise sales force relentlessly apply pressure on customers (targeting the CIO and CFO) to purchase the Microsoft Enterprise 5 (or E5) licence pack. Whether some in the information security world like it or not, this will result in Microsoft becoming a dominant player in the security space very shortly.
In summary, the post-pandemic era in banking and financial services will see some transformation change, driven and accelerated by the digital transformation that had already begun pre-pandemic and accelerated by the urgent requirement to adopt new ways of working and delivering services remotely. From a cyber security perspective, this will mean a greater focus on cyber risk monitoring for first and third parties.
Banking is one of the most vulnerable industries to cyberattacks. However, the industry can reduce its vulnerability by taking proactive measures to protect itself by implementing the latest cybersecurity measures. Contact Elasticito for further information by clicking here.