Connect with us
Finance Digest is a leading online platform for finance and business news, providing insights on banking, finance, technology, investing,trading, insurance, fintech, and more. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.


By Craig Wellman, Director, Financial Services, Microsoft UK

As industries and economies handled the aftermath of the pandemic, cybercriminals and hackers thrived amid the uncertainty. Previously isolated, loosely networked malicious actors were given the space and resource to form complex, inter-connected communities and economies.

Responsible for and dependent on a wealth of personal data, financial information and digital assets, the financial services industry proves to be a primary target of these attacks. Indeed, the sector was the second most targeted industry by ransomware in 2021, according to Microsoft’s Digital Defence Report – ahead of government, healthcare and education.

Facing such attacks, it’s no wonder that mitigating security risks and defending against cyber attacks has become top of mind for the sector, with research revealing that the industry spends 10% of its IT budget on security services. Yet despite this, many in the industry continue to fall victim to attacks. In fact, 74% of financial sector security leaders reported experiencing ransomware attacks in the last year, resulting in huge pay-outs totalling $602 million in the US alone, according to Chainalysis.

While the kneejerk response of many leaders has been to increase security spending, a failure to guide this investment towards securing weak points and defending the touchpoints cybercriminals target continues to leave organisations vulnerable. Without a well thought out, strategic approach to security investment, cybercriminals have been able to evolve their tools and scale their resources at a rate ahead of the industry, allowing the continued success of attacks.

The question then becomes, what can financial services leaders do with the resources they have to protect their data, and avoid facing costly ultimatums from hackers? Thankfully, there are many clear steps organisations can take to find a way forward.

Step 1 – Establish a security culture:

Despite complex networks and sophisticated groups now driving cyber-attacks, the vast majority still lead with the same rudimentary techniques used to gain access to secure systems five-to-ten years ago, with over 70% of ransomware attacks starting with phishing campaigns or password sprays.

Employees remain the first and most critical line of defence against malicious attacks. And as such, developing their awareness of how cybercriminals may look to use them to access secure data is vital in preventing malicious attacks.

Organisational culture is fundamental to maintaining security, and at Microsoft, we often find that the most secure organisations have created a people-first security culture, not just a set of directives. For financial services leaders, ensuring employees are equipped with the tools, training and sector-specific knowledge they need to stay safe is essential. Leaders can bolster protective practices by encouraging employees to be wary of communications that ask for sensitive information, creating an environment where they feel supported to report suspicious activity, and offering help and training to those who remain unsure.

Step 2 – Understanding and securing the weak points in IT infrastructure:

Increasingly becoming the infrastructure of choice, hybrid- and multi-cloud solutions can offer the industry more flexibility and resilience, but financial services organisations must also secure against the vulnerabilities and risks such software creates. Doing so requires cloud-agnostic tools that can reach across your infrastructure and reinforce the areas of overlap and connection to keep attackers out.

Step 3 – Underpin security with visibility:

Today’s big data, multiplatform, hyper-connected workplace has created evolving, inherent risks for every sector. Over the past two years, financial services organisations have seen a massive increase in their digital footprint, resulting in data fragmentation across applications, devices and locations. The lines between risk roles and the responsibility for protecting the workplace are also blurring.

The market has responded with an array of products which require security, compliance and legal teams to stitch together different solutions, but the result proves ineffective, offering a fragmented view of the data estate. As these environments become more complex, the risk of breaches remaining unnoticed and ransomware being allowed to spread across a network grows. Making sure leaders and IT teams have access to tools which offer one single view of the entire data estate, such as Microsoft Purview, will allow the financial services sector to govern, protect and manage the entire data estate, enabling an effective and timely response to malicious activity.

Step 4 – Maintain strong security hygiene:

Given the rudimentary techniques often used by cybercriminals, our research reveals that the basic fundamentals of cybersecurity, such as multi-factor authentication and keeping on top of software updates, can protect against 98% of current attacks.

Providing a strong security culture is established, maintaining what we refer to as “security hygiene” can be simple and straightforward. For example, commonplace multi-factor authentication technology only requires employees to confirm a login with a secondary device. A host of tools are available to support organisations to keep software and endpoints up-to-date and correctly configured, such as Microsoft Endpoint Manager, which can secure each touchpoint in an organisation’s IT infrastructure.

In following these steps to guide their security investment, financial services leaders will be able better guide their spending and resource to turn the tide against escalating security risks.

Continue Reading

Why pay for news and opinions when you can get them for free?

       Subscribe for free now!

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Posts