Connect with us
Finance Digest is a leading online platform for finance and business news, providing insights on banking, finance, technology, investing,trading, insurance, fintech, and more. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.


Protecting assets from digital threats: Ethical hackers are the financial industry’s solution to the cybersecurity challenge

By Dane Sherrets, Solutions Architect at HackerOne

The finance industry has long made peace with the fact that it will always be a prime target for cybercriminals. And yet the frequency and intensity of attacks in the years since the pandemic have disarmed even the most jaded industry veterans. It would be unfair to claim the finance industry hasn’t been proactive about protecting its assets from attackers—but it has also become clear that it hasn’t been nearly proactive enough.

The last month alone offers ample testament to the need for a more comprehensive approach to cybersecurity. First, in early November, the U.S. financial services division of the Chinese bank ICBC was hit by a ransomware attack so severe that it temporarily disrupted trading in the U.S. Treasury market. Just over a week later, a threat group successfully infiltrated the systems of Fidelity, among the largest title insurance companies in the US. The attack sent shockwaves through the housing market and forced Fidelity to block access to parts of its systems for days.

It is a given that the costs of a cyberattack—reputational and financial—make improving cybersecurity systems a first-order priority for financial institutions. But it’s increasingly become clear that one of the best ways to fend off the bad guys—and keep customer data safe—is to enlist hackers of your own.

Why the financial services industry is uniquely vulnerable

Before explaining why ethical hackers are such a valuable solution for the finance industry today, we should pause to explain some of the reasons why the industry finds itself in such a uniquely vulnerable position at this moment in time.

Again: the finance industry has, to its credit, spent much of the last decade working to fortify its systems against attack. In this pursuit, it has been spurred along by government regulatory agencies, which understandably demand much more stringent compliance protocols from financial institutions. And yet, it would seem the industry remains uniquely vulnerable. Why?

Part of the problem here stems from third-party vendors, which financial institutions are relying on to an increasing degree, using, in some cases, thousands of vendors to keep their operations running smoothly. This outsourcing is at once a necessary part of doing business and a major risk for these institutions.

But this increasing reliance on third-party vendors is itself a symptom of a larger trend remaking (and imperiling) the financial industry—namely, the increasing digitalization of every aspect of finance in the wake of the COVID-19 pandemic. With multi-cloud the norm throughout the industry, the range of potential targets has widened at an alarming rate.

And, while it’s true that stricter regulations compel the industry to identify and fix vulnerabilities before a product goes live, it is also the case that these protocols can provide a false sense of security, leading more elusive vulnerabilities to persist unnoticed. In this environment, it’s clear that one of the most viable defenses available to the finance industry is hackers. Our 7th Annual Hacker Powered Security Report provides some valuable insight into why this is the case.

One theme of the report is that—at precisely the time when security is most needed—security budgets are being wantonly slashed. Per the report, one-third of companies made security budget cuts last year, and one-third plan to do the same in 2023. The result of this industry-wide contraction is that IT teams are almost uniformly understaffed and overstressed—a dangerous combination at any time, let alone the most dangerous moment for cybersecurity in history.

How hackers can help

This is where ethical hackers can help. The skill set possessed by hackers differs significantly from that of the average IT employee—they understand how their bad-actor counterparts think on a deep level and are able to identify vulnerabilities that more traditional cybersecurity professionals might miss. It’s not surprising, then, that 70% of survey respondents said that hacker efforts helped them to avoid a significant security incident: hackers are the only people who have the skill sets required to stop attackers at the gate and keep finance organizations running smoothly.

Hackers, it’s worth noting, accomplish this at a fraction of the cost of what a financial organization might pay to retain a full-time staff member or a long-term security partner. They can plug the gaps without stretching your budget—identifying vulnerabilities on an as-needed basis. Per the report, the average cost of identifying a bug across industries is between one and four thousand dollars—pocket change next to the cost of an actual breach.

And while the finance industry has spent the last year testing use cases for generative AI (GenAI), that same technology has made hackers even more of a necessity, as bad actors begin leveraging GenAI for sophisticated attacks. Unsurprisingly, the majority of respondents (55%) said that GenAI will become a major target for them in the coming years, while for 14% it is already a significant tool.

As recent events suggest, things are going to get much worse for the financial industry before they get better. Just how bad things get for the industry, though, is potentially in their control. The fact is that hackers are the only group of people who can truly understand the attacker mindset: they are photo negatives, flip sides of the same rare coin. Financial institutions that internalize this insight will be significantly better positioned to weather—and perhaps even avoid—some of the catastrophes to come.

Continue Reading

Why pay for news and opinions when you can get them for free?

       Subscribe for free now!

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Posts