Top three cyber risks for financial services firms

Given the nature of the industry, it is no surprise that financial firms are targeted by attackers more than any other sector. Cyber risk is an ever-evolving and complex challenge for the financial sector, and to help firms understand the risks they could be facing, the Financial Conduct Authority (FCA) has published a series of insights into the threat landscape.

The FCA has documented the views and findings of over 185 firms across different financial services. The most concerning risks, when split into three themes, are Identity and Access Management, Third Parties and Supply Chain, and Malicious Emails.

The FCA’s Cyber Risk Industry Insights

The FCA is an independent financial regulatory body that acts as the conduct regulator for 59,000 financial service firms and financial markets in the UK. To help prevent cyber-attacks, its report highlights the issues it recommends financial firms understand and work to prevent, so that they avoid becoming another cyber-attack statistic.

Identity and Access Management

Retaining records of account usage and login attempts helps firms notice data being accessed at unusual times or from unusual places. A focus on strong passwords and secure password managers can also help keep attackers out.

The FCA report states:
“Inappropriate or ineffective identity and access management (IDAM) policies, processes and controls can give attackers access to critical systems that support important business services. Although some users may appear to be authorised and legitimate, this isn’t always the case.

“Where possible, use automated tools to continuously monitor administrative and important accounts. These include local, domain, non-domain and service accounts that have privileged access to important business services and systems. It was considered helpful to ensure that these tools were extended to include cloud services, third parties, outsourcing and intra-group arrangements.

“Users who require administrative or privileged access should use a dedicated system for elevated tasks. Firms agreed that preferably the device accessing the administrative interfaces or performing privileged tasks should be separate from the standard work desktop/laptop environment.”
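The monitoring described above (unusual login times and places, plus privileged accounts that should only be used from a dedicated device) can be checked automatically. The script below is an added illustration, not code from the FCA report or from CyberGuard; the log format, the business-hours window, the `adm-`/`svc-` naming convention and the `PAW-` dedicated-device prefix are all constructed assumptions.

```python
"""Added example: flag unusual logins and privileged-account use from constructed auth log lines."""
from collections import defaultdict
from datetime import datetime

# Constructed sample log: timestamp, user, source country, device, result.
SAMPLE_LOG = """\
2023-03-06T09:12:44 alice GB LAPTOP-ALICE success
2023-03-06T09:40:02 bob GB LAPTOP-BOB success
2023-03-06T10:05:19 svc-backup GB BACKUP-01 success
2023-03-06T23:48:31 alice GB LAPTOP-ALICE success
2023-03-07T03:15:09 bob RO LAPTOP-BOB success
2023-03-07T11:20:55 adm-carol GB LAPTOP-CAROL success
2023-03-07T11:25:10 adm-carol GB PAW-CAROL success
"""

# Hypothetical policy (assumptions, not from the report): business hours are
# 08:00-18:59; privileged accounts carry an "adm-" or "svc-" prefix and must
# log in from a dedicated "PAW-" workstation or from the service's own host.
BUSINESS_HOURS = range(8, 19)
PRIVILEGED_PREFIXES = ("adm-", "svc-")
DEDICATED_PREFIX = "PAW-"
KNOWN_SERVICE_HOSTS = {"svc-backup": "BACKUP-01"}


def parse_line(line):
    ts, user, country, device, result = line.split()
    return {"ts": datetime.fromisoformat(ts), "user": user,
            "country": country, "device": device, "result": result}


def find_anomalies(log_text):
    """Return (timestamp, user, reason) tuples for successful logins worth reviewing."""
    seen_countries = defaultdict(set)  # per-user baseline, built as the log is read
    findings = []
    for raw in log_text.strip().splitlines():
        ev = parse_line(raw)
        if ev["result"] != "success":
            continue
        if ev["ts"].hour not in BUSINESS_HOURS:
            findings.append((ev["ts"], ev["user"], "login outside business hours"))
        if seen_countries[ev["user"]] and ev["country"] not in seen_countries[ev["user"]]:
            findings.append((ev["ts"], ev["user"], f"new source country {ev['country']}"))
        seen_countries[ev["user"]].add(ev["country"])
        if ev["user"].startswith(PRIVILEGED_PREFIXES):
            allowed = ev["device"].startswith(DEDICATED_PREFIX) or \
                ev["device"] == KNOWN_SERVICE_HOSTS.get(ev["user"])
            if not allowed:
                findings.append((ev["ts"], ev["user"],
                                 f"privileged login from non-dedicated device {ev['device']}"))
    return findings


if __name__ == "__main__":
    for ts, user, reason in find_anomalies(SAMPLE_LOG):
        print(f"{ts:%Y-%m-%d %H:%M} {user}: {reason}")
```

On the sample log this reports alice's late-night login, bob's 03:15 login from a country never seen for that account, and adm-carol's first login from an ordinary laptop rather than the dedicated workstation.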

How CyberGuard can help…
Our managed firewall service is a proactive security service that not only monitors and maintains your firewall but also provides detailed analysis of user and traffic behaviour.

Third-Parties and Supply Chain

Financial institutions often rely on subcontractors and external providers to reduce internal costs. Attackers therefore concentrate their efforts on these third parties, which are now low-hanging fruit and offer an easier route to the data of their financial sector clients. Robust third-party risk management strategies should be put in place.

The FCA report states:
“Organisations are increasingly seeing the need to understand the cyber risk that their suppliers present. Firms agreed that it is important to ensure that suppliers’ approach to cyber risk fits with an organisation’s approach before engaging with them, as this is difficult to fix once onboarded. The profile of each third-party should be measured and continually assessed to ensure they remain within risk appetite.

“Security standards should be clearly defined and communicated to suppliers. These must reflect the firm’s own risk appetite and more importantly be conveyed with consideration to the supplier maturity. Less mature suppliers may not be able to accept complex or costly requirements.

“Firms consider it extremely important that third-party access control to buildings, systems and data is closely managed and monitored. Where this access is performed remotely, key systems and controls need to be tested to make sure that no new vulnerabilities are introduced.”

How CyberGuard can help…
Our Managed SIEM service offers a complete package of cyber security measures, including: Vulnerability Assessment, Intrusion Detection, Behavioural Monitoring, Asset Discovery, Security Management, and Alarm Management and Analysis.

Malicious Emails

According to a survey from the Association of Financial Professionals, more than 81% of firms say they were affected by business email compromise (BEC) attacks in 2019, making BEC the top fraud threat financial professionals face today.

The FCA report states:
“Know and understand what normal email traffic looks like. Firms noted that the use of log monitoring systems can deliver significant insight into what ‘normal’ email traffic looks like. Both emails that are allowed and blocked should be included in monitoring to give better insight into the potential threat and how it is evolving.

“Technical controls alone will not reduce the likelihood of a successful attack via email. Attackers have demonstrated that they know that the easiest way to compromise an organisation is to target humans. This has increased the need to maintain a secure email culture.

“Firms recommended aligning additional training to the way that an attacker may target specific users or departments, such as those with access to critical systems or with the ability to transfer money. Align risk-based training with users’ roles, access and responsibilities. It was suggested that if real-life malicious examples are available, use these to educate all users.”

How CyberGuard can help…
Malicious emails are attacks aimed at your biggest security weakness: your staff. What is frustrating is that most cyber-attacks targeting staff are preventable with basic understanding and training. We offer two types of security training: Awareness Training and Advanced Cyber Training. Awareness Training includes monthly, company-wide simulated phishing campaigns (a form of malicious email attack), bi-annual simulated spear-phishing exercises and regular password checks. Our Advanced Cyber Training, aimed at IT and security professionals, covers a range of subjects and is delivered by influential directors at Kaspersky.

Let us take responsibility for your cyber security

As a cyber security managed service provider, we specialise in taking responsibility for all of your cyber security concerns. You are good at delivering exceptional financial services; we are experts in cyber security. The more involved you are in managing your own cyber security, the less time you have to devote to your own business, which can only be detrimental.
Our cyber security services can ease the pressure and deliver peace of mind.

Get in contact with us

Source: https://www.fca.org.uk/publications/research/insights-cyber-coordination-groups