Cyber security trends in the Financial Sector

This article was originally published by Global Banking & Finance Review.

 

Companies in the financial sector see the network as a significant security threat.  It’s easy to see why, with both banking and financial services (FS) businesses suffering a huge number of security incidents in the last 12 months – including multiple DDoS attacks – often accompanied by ransom demands and extortion.  No doubt, because of the scale of such threats, the cost of securing the network is by far the biggest security outlay that financial sector organisations must absorb.

Covid-19 appears to be a significant driver of change, sparking a sharp increase in security incidents. It seems likely that the wide adoption of remote working practices during the pandemic has enabled cyber criminals to mount opportunistic attacks. The crisis has left leaders feeling more vulnerable and they are investing more heavily in network security as a result.

In Telia Carrier’s latest research into the banking and financial sector, we spoke to business decision makers in over 130 organisations in the UK, US, Germany and France about their cybersecurity concerns and priorities. The research highlighted several interesting findings, most fundamentally that 39% of financial services leaders consider the overall network security threat to be significant. While systems and applications are a marginally higher concern, this could be because they are a critical component of modern banking and trading platforms. Banking leaders (34%) say that they are most likely to be kept awake at night by concerns about logical security, versus 23% of financial services leaders. Worries over physical network security are similarly elevated in both areas.

It is, perhaps, no surprise that leaders have these concerns when 92% report that they have dealt with over 100 network incidents in the last 12 months – a staggeringly high number. This is happening despite 41% stating that their biggest cyber investments are in securing the network. The implication is that financial services and banking organisations need to assess more carefully the security services in which they invest if they are to reduce the number of incidents they fall victim to.

The Covid-19 effect

The Covid-19 pandemic has seen a sharp increase in security incidents, leaving leaders feeling more vulnerable and investing more heavily in network security.  58% of financial services companies, compared with 38% of banking organisations, experienced more security incidents through the Covid-19 pandemic, suggesting that financial services companies have been a greater target.  Understandably, this has left nearly half of leaders (48%) feeling more vulnerable to security threats, and 61% have subsequently increased their investment in network security because of the pandemic.

DDoS remains king

DDoS attacks are having a major impact on organisations, with 72% reporting that their company has experienced one in the last 12 months and 76% stating they consider it a significant and ongoing threat to their business. The threat, of course, is not simply the attack itself but the trust lost, financial cost and reputational damage caused.

Historically, some of these attacks, across a range of industries, were conducted by groups for the ‘glory’ or driven by hacktivist interest; it has now become much more common for them to be driven by financial gain. 57% of business leaders say that they have experienced a DDoS ransom or extortion attack in the last 12 months. Such attacks were more common in financial services, where a sizeable 67% had been targeted, compared with 46% of banking organisations. 14% say that DDoS attacks have posed such a serious threat that they could have undermined their business’s ability to continue.

How can leaders move forward?

We have only discussed some of the highlights of the research here, but overall the research implies that financial services leaders should take account of several key issues when considering enterprise and network security.

While greater investment in cyber security is clearly important, ‘throwing money’ at the issue is not a solution in itself.  It is critical that FS leaders maintain an accurate and up-to-date picture of the threat landscape and target security investments where they are most needed.

Organisations need to evaluate potential security threats throughout their entire ICT ecosystem to combat the growing severity and unpredictability of evolving threats in an increasingly digitalised (and distributed) business environment.

In seeking protection, leaders cannot afford to overlook the risks faced in their core network and should give careful consideration to their choice of network services provider.  In particular, leaders need to consider the following when reviewing their future network cybersecurity needs:

  • The lessons of the Covid-19 pandemic when scaling up their security programs to take account of the constantly evolving (and unpredictable) nature of threats.
  • Business-specific threats – how are cybercriminals specifically targeting banking and financial services businesses and where should the focus on mitigation be?
  • The geographical threat landscape – what are the main threats and vulnerabilities within the geographies in which they operate?
  • The physical security (and potential suppliers) of their own networks and that of suppliers providing underlay – businesses need to look beyond logical connectivity and demand full transparency from their suppliers regarding the resilience of physical network assets throughout the extended supply chain – including their hardware vendors and data centre partners. They must ensure that their network providers have full visibility (and control) of the underlying network infrastructure.
  • Logical network security across the ecosystem – do potential suppliers take a robust approach to routing security and security within their network production environment?
  • All available DDoS protection options – what are the different services available to banking and financial services enterprises, and which ones afford the best protection for their specific needs? Only half (49%) of respondents in the research consider themselves very familiar with the DDoS protection capabilities of their network service provider, with 35% admitting to being only somewhat familiar.

The cyber security challenge for banking and financial services organisations is evolving: incidents are increasing and the attacks are becoming more aggressive. All this comes at a time when financial services organisations of all types are shifting, along with many other sectors, to an increasingly digital presence that relies on smartphones and cloud services to reach business partners, markets and retail customers. More than ever before, leaders need to respond to the threat, and make sure they are using the best tools at their disposal to protect their customers and the future of their business.

Mattias Fridström, Chief Evangelist

 

Download the full 2021 Financial Sector Network Security Report.