Financial Services Industry Reports Sharp Rise in Cyberattacks

  • The pandemic is driving an increase in cyberattacks
  • Weaknesses in supply chain and remote working are the biggest issues
  • Almost half of companies already invested in increased security for remote workers

The financial services sector is one of the most attractive targets for threat actors, and 65 percent of the players in the industry reported a cyber-attack in the past 12 months, according to a survey from HelpSystems.

The COVID-19 pandemic put its mark on everything in 2020, and the financial sector hasn’t been spared. The pandemic offered new avenues of attack, letting bad actors take advantage of the new working landscape. The survey, which covered 250 CISOs and CIOs in global financial security companies, found some interesting facts.

First of all, 45% of respondents said that their companies have faced an increase in the number of cyberattacks since the pandemic started. Of course, a main concern was to secure the remote workforce, but the industry still has a ways to go. Only 47 percent of the companies have increased investments in more secure collaboration tools.

“92 percent of FS organizations have increased their cybersecurity investment over the previous 12 months, 26 percent significantly so,” found the survey. “The main investment priorities for CISOs over the next 12 months include secure file transfer (64 percent), protecting the remote workforce (63 percent) and cloud/Office365 (56 percent).”

The survey also uncovered a couple of exposed business areas with the potential to disrupt business, including weaknesses in the supply chain, in 46 percent of respondents, and increased working from home due to Covid-19, in 36 percent of cases.

“Around one-third of respondents had reacted quickly to update their regulatory best practices and 46% had re-evaluated their cybersecurity training and policies to better reflect the increased home working,” the survey also showed.

Finally, one of the findings is somewhat counterintuitive, and it has to do with employee training. While training employees is a cornerstone of cybersecurity, a negative outcome is possible as well. It turns out that keeping employees in constant training cycles can become tiresome and a source of stress.