From Yahoo to Uber and everything in between, 2017 has been the year of the cyberattack. As you might imagine, we’ve crafted a host of stories for clients that’s required a great deal of research on the topic and we thought we might share some of what we found of note.
The fact is that because financial institutions hold valuable consumer data, such as credit card and social security numbers, they are simply more likely to be the target of a cybersecurity attack. According to a study by Raytheon and Websense, financial services organizations see three times as many attacks by cybercriminals than those in other industries. In the last year alone, more than two-thirds of financial services organizations have faced at least one cyber security attack, according to MetricStream’s The State of Cybersecurity in the Financial Services Industry Survey. It should come as no surprise to learn that the number of security incidents grow each year – at a rate of 66 percent, according to the 2015 Global State of Information Security Survey.
As technology continues to change and evolve, cybersecurity tactics are evolving as well. In a recent Credit Union Times article, Cisco Talos advised that cybercriminals are now using search engine optimization (SEO) to target users with the Zeus Panda, a banking Trojan designed to steal banking and other sensitive credentials. According to the article, these criminals are using malicious links prevalent in Google search results to target keyword groups that are tailored toward banking and financial-related information. This gives attackers a quicker way to obtain credentials, banking and credit card information. The use of SEO, as opposed to the usual distribution methods for malware, emphasizes how cybercriminals have refined their technology, proving the importance for organizations to consistently update their cybersecurity programs.
It’s evident that cybersecurity attacks on financial institutions are only going to increase, and it’s important to be aware of the cost that these breaches can have to an organization. Financial institutions that experience a data breach see an average cost of $336 per compromised record, according to Ponemon’s 2017 Cost of a Data Breach Study. The study also found that the average total cost of a data breach is $7.35 million, which includes the costs incurred to resolve the breach, legal fees and loss of profit. According to Gartner, it is estimated that by 2020, the financial industry will spend $170 billion per year preventing and remediating cyberattacks.
If the past year is any indication, we could see even more – and even larger – data breaches impact our industry. We are privileged to work with some innovative companies that are leading the charge in preventing cyberattacks and we look forward to working closely with them to help fight the good fight.