2017 Cybersecurity Outlook for Financial Services Organizations
The Cybersecurity Challenge. Threat Landscape, Risk Mitigation and Considerations are all included in this white paper
In an industry as highly regulated as financial services, one might think that maintaining regulatory compliance would go a long way toward assuring sufficient protection. This is not the case. While various regulatory acts focus on protecting specific data assets they do not cover the broader scope of network and operational considerations required to achieve high degrees of security. What Cyber Security Challenges are Facing the Financial Services Industry? Network Engineers often note that the most vulnerable segment of any network is that segment which occurs between the keyboard and the back of the chair, namely the user. When you think about it, there’s great common sense to this. Users are not digital. Their responses can occur anywhere along a continuum of possibilities. They are unpredictable and easily fooled by well-disguised exploits, such as “phishing” exploits. In a phishing exploit, users receive an email from what appears to be a credible sources. The email contains a link that looks like it goes to that credible sources reliable website, however it does not. In its simplest form, letter substitution, as an example the letter “o” may be substituted by the numeral “0” to create a different domain altogether, as in “northernbank.com” being changed to “n0rthernbank.com.” Clicking this link unleashes any one of a variety of attacks, such malware that corrupts data or steals valid credentials. In the case of the recent hacks on the Democratic National Committee it has been reported that “spearphishing” attacks were used, in which the recipient of the false email was specifically The Cybersecurity Challenge and individually targeted. According to PwC Global, phishing was the #1 vector of cyberattacks in 2016, with 43% of financial service employees in a recent survey citing phishing attacks. One of the growing dangers arising out of phishing and other activities is the threat of “ransomware” in which a company’s data is held hostage or stolen. The company is then offered the opportunity to retrieve their data by paying a substantial ransom. Of course there’s no reason to believe the attacker will return the data, or not strike again. The main perpetrators for phishing attacks against Financial Services organizations are organized crime syndicates and stateaffiliated actors.
Synoptek is a managed services provider (MSP) that stands behind its trusted customer service focus, on-time delivery, proven experience, and value-add philosophy—meeting your business expectations every time.