Cybersecurity for most financial institutions has for many years focused on securing physical environments - the enterprise data centre, corporate offices, branch locations and ATMs - keeping internal information safe from external bad actors. As long as someone was still on the payroll, and checked all the IT boxes for legitimate employment, they would be granted almost indiscriminate, always-on access to business systems and data. A few years ago, this was sufficient to achieve the main objectives of any cybersecurity program for protecting digital business systems and resources, listed below and commonly referred to as the CIA Triad:
Hefty fines, a sudden drop in share price, loss of customer trust and even imprisonment are some of the consequences of cyber-attacks. Before exploring some cyber-risk mitigation strategies, let's review some trends influencing cybersecurity and the current threat landscape in the financial services industry.
The adoption of cloud-based applications and platforms has been on the rise over the last few years, meaning that enterprise data and applications are no longer confined to a single on-premises data centre but are spread across a mix of hybrid and multi-cloud locations.
Also, employees, partners (credit bureaus, merchants, billers, payment gateways, payment switches, high-frequency trading platforms, other financial service providers including FinTechs, etc.), regulators, clients and other connected devices like remote ATMs and POS terminals usually need secure access to different enterprise data, systems and resources outside of the traditional threat perimeter.
Before the COVID-19 pandemic hit us and government lockdowns were initiated across the globe, few organizations, if any, had considered the possibility of remote working for all employees across all functions. If this consideration was ever made, almost none of these organizations trialled remote working at the scale witnessed in the first few months of 2020. Prior to this period, the need to transition thousands of employees across multiple countries, to work from home, productively and securely, almost simultaneously or within just a few weeks, was inconceivable.
These trends fundamentally changed the security landscape and called for a new approach to cybersecurity.
In a typical financial institution, threat entry points are numerous. They include endpoint devices like mobile phones and laptops of remote workers, applications like email and digital banking apps, websites, cloud environments and network infrastructure.
The number of attacks is also mind-boggling. At the time of writing this piece, the FireEye threat map showed that the financial services industry reported the most cyber-attacks. Below are other useful threat maps from major cybersecurity solutions vendors that promise to blow your mind.
The types of threats are also now numerous and more advanced, from whaling and DDoS (Distributed Denial of Service) attacks to malware (malicious software) like viruses and ransomware, similar to the Colonial Pipeline attack that has been making headlines over the past few days. In fact, the Colonial Pipeline attack was so severe that the US president issued an Executive Order on Improving the Nation’s Cybersecurity.
Even though there’s no one-size-fits-all approach to managing these risks in the financial services space, there are key themes that cut across the industry regardless of company size, risk profile, stage in the digital transformation journey or compliance and regulatory requirements. For example, today, encryption and multi-factor authentication are basic security requirements for financial institutions. Below are some other common cyber threat mitigation strategies:
The demand for cloud-enabled, mobile-first employee and customer experience will continue unabated in the financial services industry for the foreseeable future. In a number of markets, financial service institutions are having to rethink their go-to-market (GTM) strategies to stay abreast of fast-evolving consumer expectations for innovative, integrated and digital lifestyle financial services. This has in part driven more disruptive business models in the sector and resulted in various FinTech and ecosystem plays that have blurred the industry lines, especially in the payments space and digital lifestyle platform plays. Being able to securely expose certain data sets through open APIs, while still maintaining the privacy of PII data, has become an imperative for FinTech innovation, but it introduces added complexities in securing these potential threat vectors.
General availability of high-speed data connectivity through 5G, powerful computational devices and smartphones, and emerging technologies like Internet of Things (IoT) and Multi-Access Edge Computing (MEC) mean that early warning security systems that leverage Advanced Analytics, Machine Learning and Artificial Intelligence capabilities are paramount.
It is no wonder that identity-based solutions, which continuously monitor internal vulnerabilities and external cyber threats before providing contextualized access to cloud-based enterprise resources using Zero Trust principles, are gaining traction in the financial services arena. At Vodacom Business, for example, we are well-positioned, even with the added complexity, with our SASE (Secure Access Service Edge) solutions, to extend this threat mitigation capability all the way to the edge, including securing IoT devices, as cloud moves to the edge with the advent of 5G.
The financial institutions of tomorrow are clearly very different from the ones of yesterday. Driven by rapid technological change, digital omnichannel customer needs, flexible and BYOD working models, growing co-opetition with the tech industry and complex regulatory environments, the attack surface will only continue to widen exponentially. ICT-led cybersecurity solutions are therefore going to remain an important pillar for the financial services industry going forward.
Kevin Odudoh
EHOD: Financial Sector: Vodacom Business