If China’s largest bank can get hit, so can you: Why finance firms need a multi-layered approach to cybersecurity
The global financial system is going through a huge digital transformation. In the UK, 69% of banks and building societies site the changing expectations of their customers as a key driver for payments modernisation, with 82% planning to launch plans to overhaul infrastructure by mid 2024.
However, with sensitive data, such as bank balances and credit history, being held online comes the risk of cybercriminals deploying cybersecurity attacks.Whilst often praised for its rigorous and highly regulated security approach, the new era of cybersecurity threats with Zero Day threats emerging daily, exacerbated by emerging technologies such as AI, the security of the financial sector is even more precarious than ever.
Just last year,the Industrial and Commercial Bank of China (ICBC)was the victim of a ransomware attack that sent shockwaves throughout the financial sector. If China’s largest bank can get hit, what’s to say your company can’t?
Why do cybercriminals target critical national infrastructure?
Critical national infrastructure, such as energy hubs and water supplies have traditionally been targeted by cybercriminals to wreak havoc and bring everyday utilities to a standstill. Likewise, striking financial organisations can not only cripple business operations but bring economies to a halt leading to a ripple effect that affects millions.
The consequences of a cyberattack on a financial institution has been made clear following last year’s ICBCattack where cybercriminals were able to disrupt crucial systems. Whilst the ICBC worked to disconnect affected systems to limit the impact, it wasn’t enough. The work of cybercriminals was calculated,and the increasingly interconnected nature of business operations and financial systems meant that it struck at the heart of the financial sector, leading to widespread disruption on an international scale and prevented the US Treasury market from settling trades for other market players.
This type of threat on a bank isn’t unusual – last month, Bank of America warned its customers of a data breach that had exposed their personal information after one of its service providers was hacked last year. With over 69 million clients, 3,800 retail financial centres and 15,000 ATMs operating in over 35 countries, the impact of this is far-reaching.
The attacks don’t just stop with ICBC and Bank of America – finance firms lose 28% more than the global average per data breach, around $5.9 million. Like dominoes, the series of events that begin following a cyberattack on financial institutions are quick, destructive, and messy.
How to decide a cybersecurity posture
It’s clear that finance firms are lucrative targets.That’s why it’s now more important than ever that financial leaders work with their IT teams toimplement a robust, resilient, and adaptable cybersecurity strategy.
Traditionally, most organisations have relied on software-based cybersecurity tools to deter against threats. However, as the landscape continues to evolve rapidly and more sophisticated attacks take place, these solutions can suffer from aninability to adapt quickly enough, leaving organisations vulnerable.
Software-based solutions often have insufficient response capabilitiestoo as they their clunky database approach tendsto focus on detection and prevention of known threats. In the event of a successful data breach, a lack of reversioncapabilitiescould be the difference between rapid recovery or prolonged downtime.
What’s needed is a holistic approach, which must include intelligent detection systems at the hardware layer. With tools embedded throughout every layer with hardware and software defenses, organisations will be better equipped todetect, prevent, and respond to any unusual activity. For high-profile financial data and information, cybersecurity defences should be able to action a rapid purge and immediate file deletion to prevent the stealing of data.
Ultimately, a multi-layered approach ensures finance firms are proactively protecting data and getting ahead, rather than being reactive and scrambling to pick up the pieces. To ensure a proactive approach, the firmware layer needs to be enhanced with security solutions and advanced technology, such as AI, that can act as the last line of defence.
AI for cybersecurity
AI is a double-edged sword. When used with malicious intent, it can be incredibly damaging.AI tools have lowered the bar for cybercriminals considerably -by mimicking human responses,phishing emails or texts can be much harder to detect, leading to an increase in human error and businesses falling victim to threats.
But, when used for good, AI is an extremely powerful tool, so finance companies must embrace it. When embedded into the physical layer, AI employs self-learning abilities in an enclave environment to quickly identify and address both known and unknown threats. In a highly sensitive and complex industry like finance, the rapid nature of AI cybersecurity is not just a niceto have, but a need to have.
As we’ve seen with the attacks on ICBC and Bank of America, no financial institution or bank is safe from attack. There’s never been a greater need for strong cybersecurity solutions, to ensure threats can be prevented and detected whilst minimising downtime and serious consequences. Businesses that invest in protection at every layer will have peace of mind and can ensure they are keeping business and clients’ data secure.
