The financial sector remains a prime target for cybercriminals

IBM’s X-Force Threat Intelligence Index found that 23% of cyberattacks are against financial institutions. The total cost of a single data breach involving a financial institution is the second highest among all industries – costing $5.72 million on average.

Another study by IBM, “Cost of Data Breach Report 2020”, showed that 53% of data breaches are motivated by financial reasons, which explains why financial institutions are constantly on the cybercrime radar. In other industries, malicious users focus on social engineering, credential stuffing, and application vulnerabilities. Meanwhile, in the financial industry, malicious users primarily compromise internal corporate networks.

“Organizations must strictly authenticate external and internal users to protect their business systems. Financial institutions suffer from insiders who know the inner workings of the banking system, and state-backed hackers often target them. While cybersecurity automation today cannot guarantee attacker resilience, a smaller surface area can significantly reduce risk,” said Juta Gurinaviciute, CTO of NordVPN Teams.

Gurinaviciute reminded financial institutions to establish secure connections for employees and contractors to access critical assets, minimizing the cyberattack surface. However, she warned that unconditional trust can be harmful if malicious users compromise the connection.

“Authentication today is based on a Zero Trust model, which means employees and contractors can only access limited resources for a set period of time. Even if their connection is compromised in a supply chain attack, hackers won’t do much harm as they won’t reach the rest of the internal network,” Gurinaviciute added.

According to Gurinaviciute, organizations can also implement an additional layer of security that filters endpoints and applications based on their IP address. For example, IP whitelisting (also known as allowlisting) lets administrators define a set of trusted third-party employees and devices that are granted access to the corporate network, which makes mounting a cyberattack harder and limits its surface.
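As an added illustration, not code from the article or from NordVPN Teams, the following Python policy check combines the two controls described above: a grant that covers only a limited set of resources for a set period, and an IP allowlist as an extra filter on top of authentication. The `Grant` type, `evaluate` function, and the sample principal, network and times are constructed for this example.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Grant:
    """One time-boxed grant: an authenticated principal, the networks it may
    connect from, the resources it may reach, and the validity window."""
    principal: str
    networks: tuple          # CIDR strings, e.g. ("203.0.113.0/24",)
    resources: frozenset     # resource names covered by this grant
    not_before: datetime
    not_after: datetime

def evaluate(grants, principal, source_ip, resource, now):
    """Deny by default; return (allowed, reason) for one access request.

    `principal` is the identity already established by authentication; the
    IP check is the additional filter the article describes, not identity.
    """
    ip = ipaddress.ip_address(source_ip)
    reasons = []
    for g in grants:
        if g.principal != principal:
            continue
        if not (g.not_before <= now < g.not_after):
            reasons.append("grant outside validity window")
        elif resource not in g.resources:
            reasons.append("resource not covered by grant")
        elif not any(ip in ipaddress.ip_network(n) for n in g.networks):
            reasons.append("source IP not on allowlist")
        else:
            return True, "allowed"
    return False, "; ".join(reasons) or "no grant for principal"

def at(hour, minute=0):
    """Constructed timestamp on an arbitrary working day (UTC)."""
    return datetime(2020, 11, 2, hour, minute, tzinfo=timezone.utc)

# Constructed sample: a contractor may reach only the ticketing system,
# only from the contractor office's network, only during one shift.
SAMPLE_GRANTS = (
    Grant("contractor-anna", ("203.0.113.0/24",), frozenset({"ticketing"}),
          at(9), at(17)),
)
```

A request that fails any one condition is denied with the first reason found, so an expired grant or an off-list source address blocks access even when the resource itself is in scope.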

Businesses can also stay resilient by implementing third-party solutions with a centralized control panel for efficient addition of new devices and apps.
