The financial services industry has its own unique set of data security challenges. It is common for organizations within the industry (e.g., banks, investment firms, insurance companies, etc.) to experience data loss, data theft, and fraud due to the highly sensitive and critical data collected, processed, and stored as part of their business operations. Examples of highly sensitive data include payment information and personally identifiable information (PII) such as an individual’s Social Security number. As a result, businesses in the financial services sector must secure their data using effective security controls that take into consideration people, processes, and technology.
In addition, the financial services industry is heavily regulated. There are standards in place that specifically address the unique risks posed by handling financial information. For example, the PCI Security Standards Council develops data security standards and resources for safe payments. For additional context, Flashpoint reports that Cyber Risk Analytics, which ingests information on publicly disclosed breaches, cites finance and insurance entities as the most-breached sector in 2022.
Financial Sector Threat Landscape
The sensitive data circulating within the financial sector provides cybercriminals with profitable opportunities. As such, organizations in the sector are highly targeted. In the case of a data breach, customer records containing PII and payment information are typically leaked and shared on the dark web. There is also a recent trend of cybercriminals attacking businesses to steal non-public market information. Data breaches that involve sensitive customer data result in significant risk of identity theft, and the theft of an organization’s non-public market information can have a devastating impact on its business.
The annual Cyber Bank Heists report by Contrast Security’s Tom Kellermann shows that the primary attack vector for financial institutions is application attacks. According to the report, 64% of respondents saw an increase in application attacks, and 50% experienced attacks against their application programming interfaces (APIs). The report includes the following findings:
- Respondents report being the victim of integrity or destruction attacks launched punitively to destroy data (e.g., by deleting data)
- FinTech vendors are uniquely impacted by the dramatic increase of attacks against APIs; APIs can be used as launchpads to attack the greater environment
- Organizations must perform more due diligence around securing APIs; 72% of respondents plan to invest more in application security in 2023
In addition to the application-attack percentages above, the report highlighted the following observations over the past year:
- Banking trojans
- Ransomware
- Account takeover
- Theft of customer data
- Trojanized finance apps that deliver malware in spear-phishing campaigns
Mitigation of Risks with Data Loss Prevention
Organizations within the financial services industry want to prevent both intentional exfiltration of sensitive data and insider-related incidents of unintentional data leaks. The desire to prevent the loss of data often leads to risk mitigation efforts that involve the exploration of data loss prevention (DLP) tools. DLP tools include a variety of features. Organizations doing business in the financial industry should consider DLP tools to prevent data egress to unsanctioned cloud applications and data exfiltration from user devices.
Organizations might look at endpoint security tools or endpoint protection to secure sensitive data at customer endpoints, which are physical devices that connect to a network, such as a laptop or smartphone. They may look at cloud DLP solutions or explore a feature-rich solution that combines any number of features (e.g., data discovery, automated classification, scanning, monitoring, detecting insider threats, alerting, warning, etc.). The right DLP solution will help mitigate the operational and reputational risks commonly experienced by financial-sector organizations that fall victim to an attack leading to a data breach, or that suffer an unintentional exfiltration of data.
Conclusion
Financial institutions have been targets for cybercriminals for years. Increases in phishing attacks, application attacks, and data leaks due to human error (e.g., mistakenly sending an email with sensitive data to an unintended recipient) continue to negatively impact business operations and threaten these institutions’ ability to remain in business, as well as our economy. While there are several DLP solutions on the market to evaluate, selecting the right tool requires knowledge of the sector (e.g., financial sector), of market trends, of how the threat landscape is evolving, and of DLP best practices and technology.
- Data Loss Prevention for Financial Services in 2023 - July 6, 2023