Financial institutions face a complex challenge in cyber security: flexible and easy-to-use on-line services are a basic requirement of doing business, but at the same time so is safeguarding the trust, personally identifiable information and financial integrity of business and consumer customers. Not to mention keeping operations running smoothly and avoiding disruption of day-to-day business.
Unfortunately, the value of financial institutions’ assets, data and systems makes them a top target for (organized) cyber criminals. Financial institutions face persistent attackers, who are prepared to invest in development of the (criminal) infrastructure and organization to recruit money mules, conduct attacks and cash out. The impact of a successful attack can be limited to the direct financial loss, but breaches of personally identifiable information may also lead to civil lawsuits, require costly disclosures, raise regulatory scrutiny and liability, and entail hefty legal and remediation costs. In multiple noted cases, the reputational damage also has negatively impacted stock prices and earnings.
We’ve learned that protecting against these threats means more than just securing the organization’s own infrastructure. It means understanding who are targeting you, what their weakest links are in their business model, and how to detect and block their attacks.