The rise of cyber attacks on the financial sector has caught the attention of regulatory bodies such as the Security and Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA). Across the board, they’re tightening regulations and stepping up enforcement, putting pressure on financial firms to prove their policies and technology solutions have what it takes to protect networks and respond effectively to breaches.
Here are some of the top challenges driving a stricter regulatory environment and what financial services firms can do to meet them.
Hackers’ Focus On Finance Is Major Source Of Worry
Over the last few years, Distributed Denial of Service (DDoS) attacks have emerged as major threats to finance firms. In fact, it sustained as high as 15% of all attacks of this nature.
Analysts report that financial institutions are three times more likely to be victimized by cyber attack than organizations in other sectors. There’s no question: Hackers have trained their focus on banks, credit unions and insurance companies—making cyber attack one of the biggest sources of anxiety of modern financial services leaders.
There are a number of challenges that have, and will continue to increase the vulnerability of the financial sector to cyber attack. Here are three, as well as measures firms can take to counter them.
Managing third-party security. In response, financial firms are looking at using risk-based security frameworks to improve the security of information exchanges with business partners and suppliers, and enhance monitoring.
Securing mobile banking apps on proliferating number of mobile devices. Apps that enable customers to access accounts and make transactions from mobile devices is convenient for users and a boon to the efficiency of banks, but it does come with some serious risks. Mobile devices are a frequent target for exploitation by hackers and banks of no control over their use. The answer is to require advanced, multi-factor authentication processes. Many banks and credit card companies are also using biometrics as a proof-of-identity measure.
Threats from abroad. The tie-in between financial data, world economies and public safety is another factor that makes financial institutions an appealing target to organized criminals sponsored by nation-states or other powers. Monitoring big data can help pinpoint possible threats and draw attention to internal and external risks.
Regulatory Agencies Hold Financial Firms Accountable for Data Security
The dizzying rise in the number of cyber attacks sustained by financial firms last year, combined with the widespread potential for harm, has led financial regulators to turn proof-of-cybersecurity from request to requirement. While last year’s regulations emphasized access rights and controls, training, incident response plans, and governance and risk assessment; regulators have broadened their focus in 2016 to address:
- Retail investors, including examinations of exchange-traded funds
- Market-wide risks and assessment of liquidity risk management practices
- Data analytics to detect microcap fraud and excess trading with tell-tale signs of corruption
What does all this mean to financial firms?
With full accountability for network and private data security, firms can no longer treat cybersecurity as an afterthought or a job for anyone other than an expert. Financial services firms are well advised to work with a systems integrator which has the experience to navigate privacy regulations and compliance and implement solutions to address them. Learn more about Citon's security approach.