By Max Locatelli, Regional Director Western Europe at Infoblox
Cybercrime has the potential to impact us all; no individual or organisation is immune. However, whilst every single business operating in the world today could face an attack at any given moment, some are at more risk than others.
Thanks to the trove of sensitive data and the huge financial sums they regularly handle, Financial Services (FS) organisations have become an obvious target for those looking to make a profit. In fact, according to Boston Consulting Group’s ‘Global Wealth 2019: Reigniting Radical Growth’ report, FS firms are up to 300 times more likely than other companies to be targeted by a cyberattack.
These statistics are not set to change any time soon thanks to the recent boom in digital transformation and cloud adoption initiatives. Whilst adopting these technologies and practices was necessary for survival during the pandemic, many FS organisations have inadvertently made themselves more vulnerable by expanding the attack surface.
With hackers getting more sophisticated and a new wave of cyberattacks just around the corner, FS organisations need to act now. Failure to adapt to the landscape and adopt a proactive approach to cybersecurity could spell disaster long-term.
A year of change
Traditionally, FS firms face a range of challenges when it comes to protecting their customer and employee data from cybercriminals. Regional compliance regulations and laws as well as cybersecurity concerns relating specifically to the sector all make network security extremely complex. However, when the COVID-19 crisis took hold last year, these challenges increased ten-fold.
As office closures took hold, FS employees moved from corporate offices to homes on the edge of the network, bringing greater risk. Not only were IT teams responsible for making sure staff were set up with the right equipment and systems, and that those systems were optimised for the cloud, but teams found themselves scrambling to secure corporate devices wherever they were located.
As many FS organisations struggled to get to grips with this new landscape, cybercriminals were using it to their advantage, using the chaos as a way to launch multiple attacks. In fact, according to recent research, three quarters (74%) of FS organisations have seen an increase in malicious activity since the beginning of the crisis. This activity and the damages come in all shapes and sizes – as a recent cybersecurity report uncovered. It found that more than half of all firms (54%) reported that they were hit by data breaches during a 12-month period, while nearly half (49%) encountered cloud-based malware attacks.
For FS organisations, a single data breach can have far reaching consequences. According to the report, financial losses – with an average cost of $4.2 million per data breach – are the primary concern for 60% of those questioned. However, it’s not just the initial cost that victims need to worry about. Almost half (45%) of respondents also highlighted the reputational damage caused by a breach. This can have a long-term impact, both on retaining current customers and the ability to win new ones. In today’s ultra-connected, competitive landscape, it ultimately could be the difference between being able to bounce back from an attack, or failing.
Future proofing financial services
With recent research discovering that one in four UK FS workers would like to work fully remote post-pandemic and the vast majority (69%) are in favour of a hybrid model – the digital landscape is only going to become more complex. Network architecture will no longer be centralised on a physical campus, with a core data center into which users connect, so security practices need to change to reflect this.
One tool that could help FS organisations to defend against the latest and most sophisticated threats is DDI. This bundle of Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP) and IP address management (IPAM) is designed with the modern borderless enterprise in mind. DDI simplifies the management complexity and bottlenecks of backhauling traffic to the central office and provides much needed visibility into network activities to detect anomalies before they move upstream.
DDI augments visibility into network activities and increases control. It grants visibility into networking activities, no matter where devices might be connected from – including remote locations. And since 90% of malware touches DNS – the first D in DDI – when entering or leaving the network, DNS can be a critical detection tool that, when connected to the security stack, can enable stronger threat remediation. Additionally, DDI includes a software-defined perimeter that supports network identity and context for policy rules and their enforcement in security orchestration, automation and response (SOAR); security information and event management (SIEM); cloud access security brokers (CASBs); zero trust; next-generation firewalls and more. Ultimately, DDI enables the network team to quickly detect and fix any vulnerabilities, no matter where they originate.
FS firms must take this time to embrace a more strategic approach to security, rather than hanging onto a model that isn’t compatible with the cloud-first networks that hybrid work requires. It’s no longer enough to solely promote centralised, on-premises practices. Instead, cybersecurity needs to stretch across the entire infrastructure using modern technologies – like cloud-first DDI – to protect users no matter where they are located.