Wall Street and Cybersecurity: What Can we Learn?
Table of contents
With the vast majority of cyber attacks being financially motivated, the banking sector is a huge target for cybercriminals.
From phishing attacks, to DDoS attacks, to ransomware attacks and beyond, hackers are constantly trying to breach banking cybersecurity measures.
In this guide, you’ll understand why cyber incidents happen so frequently in banking services, along with the best cyber security banking insights to avoid them.
1. Why are financial institutions a target for cybercrime?
Banking systems are particularly vulnerable to cybersecurity threats because they process sensitive information relating to financial data.
Almost 95% of data breaches are motivated by monetary gain, making banks and other financial services a major target for cybercriminals.
And, with the rise of Fintech and online banking, finance systems are more complex than ever.
This creates multiple vulnerabilities for cybercriminals to exploit—particularly through third parties, who may not always follow the same stringent security standards.
This could explain why the number of financial sector data breaches has increased by 330% since 2019.
Finally, financial systems and banking services are subject to strict legal and regulatory requirements. This is only natural, since they must protect customers’ sensitive information, safeguard the integrity of the markets, and prevent fraudulent behavior.
However, this also raises the stakes, since any breach of these security policies can lead to severe consequences. Cybercriminals can tap into these high-pressure scenarios, and use them as leverage to exploit banking security systems.
2. The 5 main cybersecurity risks in the banking industry
When it comes to financial services security, 5 cyber threats pose the biggest danger.
- Malware attacks: In particular, ransomware attacks make up over half of all cyber threats to financial institutions. In fact, the share of ransomware attacks against the financial sector has increased from 34% in 2021, to 64% last year.
- Exploited vulnerabilities: Hackers can break through any weaknesses in a bank’s IT security, and then compromise the entire system from the inside out.
- Social engineering tactics: With authentic-looking emails and social media pages, cybercriminals can sometimes trick people into sharing sensitive data.
- Third-party compromise: With so many stakeholders, service providers, and partners, the scope for financial network security to be compromised has only increased.
- Stolen credentials: If hackers can take someone’s login information, they can run further scams, spoofing, and impersonation attemps to scale the damage.
Let’s look at what happens when banking cyber security solutions are compromised.
3. The consequences of financial cyberattacks
Cyber attacks can lead to long-term repercussions for any financial institution. They could affect a bank’s reputation, lead to financial losses, and regulatory and legal consequences.
Financial losses
According to an IBM survey of 16 countries, the financial sector suffers the second-highest cyber incident damage statistics.
Recent studies have found that the average data breach in the financial world costs almost $6 million. And when fines come into play, it can sometimes cost far more.
Regulatory penalties
Banking services can face significant fines and legal proceedings in the event of being compromised.
For example, after a data breach that potentially affected over 40% of the American population in 2017, Equifax had to pay a fine of $700 million. This happened after the company failed to fix a well-known vulnerability in its IT system.
Reputational damage
Beyond the financial and legal repercussions, a bank’s reputation could also be jeopardized by a cyber attack. Any compromise may lead to a loss of trust in the entity, and it can take a long time to restore its public image.
For example, First American Financial Corporation is still famous for suffering the leak of 885 million data records in 2019, making it one of the largest financial cyberattacks in history.
Let’s look at an area of the financial market that is particularly vulnerable—IPOs.
4. Spotlight: The IPO market and cyber attacks
An IPO stands for ‘Initial Public Offering’, and it’s the moment when companies seek to raise funds by going public.
While an IPO process is an exciting step for any organization, it’s also (unfortunately) highly appealing to cybercriminals. It’s a high-profile moment when sensitive customer data and transactions can be exploited, all in the public eye.
Additionally, companies going through the IPO process are in a transitional phase, divided between their operational workload and the process of going public—meaning that security measures may not be as robust as usual.
It’s also an opportunity for insider threats from dissatisfied employees, external partners, or stakeholders. And of course, it could be an attractive opportunity to manipulate the financial market, such as by influencing stock prices.
Whatever the motivation, the consequences of cyber attacks on IPOs can have far-reaching consequences, including:
- Loss of investor confidence: Investors are highly sensitive to any disruption or compromise. Cyber attacks can lead to a loss of trust, causing potential investors to pull back or affect the share prices.
- Market instability: For example, a major denial of service or DDoS attack on a newly public company can affect stock prices and have a “ripple effect” on the rest of the market.
- Reputational damage: After a cyber attack, it can be harder to build and maintain investor relations—and this can negatively impact the company’s market valuation.
Forbes highlighted the example of the workflow platform Monday.com which had a data breach just before its IPO in 2021. Hackers gained access to its source code, but fortunately, no changes were made.
However, this nonetheless underlines the importance of cybersecurity to safeguard IPO initiatives.
5. Fighting back: The SEC and cybersecurity
The US Security and Exchange Commission (SEC) exists to regulate the financial markets, and in recent years, it has begun to focus more heavily on cybersecurity solutions for banks and other financial organizations.
And as shown by a report from the IMF on the growing risk of financial sector cyber attacks, the SEC’s role is more important than ever.
The SEC shares cybersecurity guidance and regulations and has strict disclosure requirements for any risks or incidents.
Here are three SEC regulations to keep in mind:
- CF Disclosure Guidance: Topic No. 2 – A series of regulations on disclosure obligations for cyber risks and incidents
- Regulation S-P – Broker-dealers, investment companies, and advisers must have written policies and processes to keep customer information safe
- Regulation SCI (Systems Compliance and Integrity) – Stock exchanges and clearing agencies must have strict systems to maintain the integrity and resilience of their activities against cyber threats
And the SEC can enforce fines and sanctions against anyone who doesn’t comply.
For example, in 2018, they fined Voya Financial Advisers Inc. (VFA) $1 million, after it emerged that they suffered a data breach due to inadequate cybersecurity policies and procedures.
6. Lessons learned in the financial industry
Cybersecurity for banks and financial organizations isn’t optional. Recent news stories—from Equifax to the First American Financial Corporation—have shown that failing to implement cyber risk management techniques can have devastating consequences.
Here are 5 cybersecurity takeaways for the financial sector.
- Adopt comprehensive cybersecurity measures: This should include regular risk assessments, incident response plans, and adherence to known guidelines, such as the NIST cybersecurity framework
- Safeguard personal data: Implement tools such as multi-factor authentication (MFA) and firewalls to reduce the chances of unauthorized access
- Invest in premium cybersecurity tools: External attack surface management tools such as CybelAngel can help information security officers push back against outside cyber threats
- Get employees and stakeholders involved: To make cybersecurity a shared priority, everyone associated with the financial organization should have access to training and simulations
- Collaborate and share insights: Stay in sync with regulators, follow industry groups, and regularly engage with cybersecurity experts to stay ahead of the curve
With the right cybersecurity measures in place, the financial sector can proactively fight back against threat actors and safeguard the resilience and integrity of their organizations.
Conclusion
With the rise of mobile banking apps, the Internet of Things (IoT), and beyond, the financial sector is becoming more and more exposed to potential cyber attacks.
We’ve seen many examples of data breaches within the financial sector which could have been avoided with the right measures in place, from Voya Financial Advisers Inc. to Equifax and beyond.
Fortunately, effective cybersecurity in banking can counteract these risks and safeguard the stability of the financial markets—along with a boost from tools such as CybelAngel.