70% of UK financial organizations now cite cyberattacks as a main risk to financial stability. This is no surprise, considering financial institutions are 300 times more likely to confront cyberattacks than any other industry. It’s a difficult landscape for leaders in the banking industry to navigate – banks are increasingly interacting with more technology; however, this also increases risk by introducing more entry points for bad actors.
This raises an important question: What are some of the biggest cybersecurity challenges that banks are facing, and how can they safeguard their systems in an increasingly hostile digital environment?
VP of Product Management at NinjaOne.
The era of the endpoint
Every device, from servers to employee laptops and mobile phones, represents a potential entry point for attackers. The rise of remote work, and digital consumer banking services, only perpetuates this challenge. In the last couple of years, we’ve witnessed two-thirds of banks offer workers the chance for hybrid work, exposing more remote access for their employees. With this, financial institutions are managing more heterogeneous devices than ever before, which dramatically expands their attack surfaces.
Banking on the cloud
Financial institutions are rushing to reap the rewards of digital transformation through public cloud infrastructure, with 82% of banking executives planning to move over half of their mainframe workloads to the cloud. This introduces another potential attack surface, making the financial sector an increasingly attractive target.
While cloud security follows similar principles as traditional security measures, the principal difference is that it operates over the public internet, leaving security no room for error. Therefore, existing security solutions might not be enough to protect against the unique risks of the cloud. Security teams must update their plans to address the specific needs of the cloud environment.
Thankfully, there are many ways banks can reduce their attack surface and improve their ability to prevent, detect, and respond to attacks regardless of if the endpoint is remote, in a private data center, or in a public cloud.
Here are six steps banks can take to mitigate security threats:
1. Monitor, identify and fix misconfigurations: Misconfigured cloud resources, SaaS applications, or any internet-exposed device can be the root cause of incidents where data is inadvertently exposed or stolen by a threat actor. For financial institutions, this type of threat will have both a monetary impact and can harm their brand and customer trust. To mitigate these risks, banks must not only maintain an accurate inventory of their cloud, SaaS application, and corporate environments but also ensure comprehensive visibility into all endpoints. Active monitoring and detailed visibility allow banks to identify and remediate misconfigurations before they result in serious harm.
2. Enforce multi-factor authentication: Along with strong passwords, multi-factor authentication provides a huge boost to security. The most effective options are hardware security keys or time-based one-time password (TOTP) applications, like Google Authenticator. This ensures that even if a malicious actor obtains a username and password, they won’t be able to log in without access to a physical key or device.
3. Backup data and gain insight: Ransomware is a serious risk to organizations because it brings operations to a screeching halt. To build resilience and ensure access to critical information, even in the event of a successful attack, security and IT teams should not only back up cloud and endpoint data but again, maintain visibility across their environments. By backing up their data and monitoring endpoint activity, banks can better protect themselves and recover more effectively from ransomware attacks.
4. Exercise the principle of least privilege and limit third party access: Compromised user accounts are a leading cause of breaches. Limiting user access to the absolute minimum reduces the impact of a bad actor assuming the identity of a legitimate user. Additionally, overly permissive third-party access can inadvertently expose sensitive information to unintended recipients.
5. Keep patches up to date across all endpoints: Patching is an essential security control. Out-of-date operating systems and applications can leave doors open for intrusion or exploits. To make this easier, banks can use patch management tools to automate numerous updates across all their machines.
6. Use threat detection and response tools: To ensure nothing slips through the cracks, banks should use a threat detection and response tool as part of an in-depth cybersecurity plan. It can also monitor and gain awareness into threats both in the cloud and on endpoints, before they come to fruition, halting them in their tracks.
Cyber attackers commonly target sectors that offer reams of sensitive data and the possibility of lucrative pay outs when held for ransom – making financial services a handsome target. To combat this, IT teams at banks, insurance carriers, and other financial institutions, need to partner with security teams to reduce their attack surface, harden endpoints, and address known vulnerabilities quickly.
By taking a few smart steps and partnering with the right solution providers, banks can rest easy knowing that their data is safe.
We've featured the best business VPN.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
