PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

A Checklist for Financial Institutions to Avoid Cyberattacks

By David Williamson
February 7, 2019
in Featured Content, Fraud & Security, Fraud Risk and Analytics, Industry Opinions, Security
0
4
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
cybersecurity

cybersecurity

It’s a new year, and with it comes a list of resolutions. Avoiding cyberattacks is usually pretty high up on an IT department’s list- no one wants to get attacked. However, time and again, it happens. SWIFT. Equifax. The list goes on even though global information security spending is expected to exceed $124 billion in 2019 according to a recent study.  Is it money thrown down the drain? Perhaps. It seems that no matter how much an organization spends, they remain vulnerable. Our recent study echoes this. In particular, the financial services industry is the sector hit the hardest – with the average organization spending almost $1million to restore services after an attack. In fact, last year, the industry saw a 57 percent rise in attacks, with many suffering an average of seven attacks. The average price tag of a single assault totaled a whopping $588,200.

Our research investigated attacks on the DNS, considered a major gateway into a business network. It is how hackers break in and set up camp – allowing them to launch an attack when businesses least expect – such as DDoS or cache poisoning. The consequences of an attack, or even just an attempt, aren’t just financial. Any amount of downtime for a business can be detrimental and can cause a loss in customer confidence.

Attack vulnerability isn’t the sole issue. It’s also how the surveyed companies in our research failed to address breaches quickly. Financial institutions took the longest time outside of the public sector to mitigate an attack – spending almost an entire workday resolving it (seven hours). Even worse, five percent of organizations spent 41 days fixing the results of a DNS attack. Businesses aren’t swift to patch and prevent future attacks, either. Almost three-quarters of financial organizations (72%) took three days or more to install a patch. That is similar to not turning the water off on a leaky faucet on before you fix it.  You are leaving yourself open to harm and excessive damages.

Unfortunately, hackers aren’t going away anytime soon. Threats evolve daily, and network service continuity and security is a business imperative. How can the industry ensure protection? Here are five questions financial sector enterprises should ask themselves in order to safeguard their networks:

  • Is your domain protected with enhanced threat intelligence? The insight of global traffic patterns, such as via data feeds, must be used to protect users from both internal and external attacks. It can block malware activity and mitigate other ‘break-in’ attempts such as data exfiltration.
  • Are you applying adaptive countermeasures? If an attack is unidentifiable you still want to ensure that business continuity remains intact.  The last thing a business needs is to block legitimate users which can cripple consumer trust in a service such as online banking.
  • Have you taken a harder security approach for cloud and Next Gen Datacenters? If not, consider adding a layer that covers the DNS so that cloud-stored data is protected against exfiltration, and in the event of an attack service is not discontinued while access to the cloud and your applications remains intact. Traditionally, cloud solutions have limitations and aren’t built for DNS. 
  • Are you using real-time analytics to amplify your threat visibility? Preventing data theft is essential but also critical to comply with regulatory standards such as the US CLOUD Act and GDPR.
  • Are you really globally aware? You would be surprised how many businesses are unable to report malicious activity across a global network. Threats often move laterally and you need a holistic network security policy in order to address risks.

Companies fundamentally understand the critical nature of protecting the DNS network, but evidence continues to point to the fact that there is more talk than action. Attacks are getting more sophisticated and common. Institutions in the financial services sector will remain at risk if they don’t prioritize securing it.  2019 doesn’t have to be filled with plans to recreate your network architecture just to secure it- taking one step forward to fortify the DNS this year will result in protecting your business for the years ahead.  That’s a resolution worth sticking to.

4
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
Tags: CybercrimeCybersecurity

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    embedded lending

    Embedded Lending as a Growth Strategy for ISVs—How to Maximize Revenue Potential

    June 18, 2025
    merchant ai

    Merchants Find More Use Cases for AI Amid Risks

    June 17, 2025
    prepaid payroll

    Taking the Check Out of Paycheck: The Role of Prepaid in Payroll

    June 16, 2025
    Banking-as-a-service BaaS

    Remodeling Main Street: How Community Banks Can Leverage the Banking-as-a-Service Paradigm

    June 12, 2025
    How Employee Performance Enhances the Customer Experience

    Three Strategies to Maximize Loyalty in the AI-Driven World 

    June 11, 2025
    PFM tools

    How FIs Are Cutting Through Subscription Clutter with PFM Tools

    June 10, 2025
    child identity theft

    Stranger Danger: Protecting Your Children from Identity Theft

    June 9, 2025
    agentic commerce

    The Agentic Advent: How the Next Iteration of AI is Shaping Commerce

    June 6, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result