April 3, 2020
min read

Did you know that most confidential data is kept in Office documents, and once a hacker cracks an M365 admin account, they have access to the entire tenant? Office 365, with over 200 million users, is the new cybercriminal hot spot. More bad news – traditional security tools do not protect against M365 specific vulnerabilities and attacks.

Financial services firms are tantalizing targets, and data breaches are rampant and havoc wreaking. Just ask Capital One, with 100 million customers’ data exposed, JPMorgan Chase where data from 76 million households were stolen, and First American Financial Corp with 885 million records compromised.

Defining the Problem

Don’t believe the threat to finance is that bad? Some 35% of all data breaches affect the financial services industry experiences, found Forbes. Not only is the data so valuable it is impossible for hackers to resist, but financial IT systems are so complex and interconnected, there are myriad ways to break in.

Security attacks never stop for the finance market. Technology researcher Vanson Bourne surveyed some 100 UK business decision-makers in financial services organizations. Some 70% were victims of a security incident in the last year. The researchers said that most security incidents were “from employees failing to follow security protocol or data protection policies.” Other factors “included the introduction of malware and viruses via 3rd party devices, including USBs and BYOD (32%), file and image downloads (25%), and employees sharing data with unintended recipients (24%).”

If that sounds scary, there is far worse news.  “Financial services firms are 300 times as likely as other companies to be targeted by a cyberattack,” the Boston Consulting Group argued. “Dealing with those attacks and their aftermath carries a higher cost for banks and wealth managers than for any other sector.”

Alert Overload

Most financial institutions have security management and monitoring tools that alert IT when things are suspicious. The problem is the sheer number of events. Even a small fraction flagged as suspicious leads to “alert overload.” In fact, MasterCard security professionals interviewed by New York Times said there were some “460,000 intrusion attempts in a typical day, up 70 percent from a year ago.”

Ovum research on banks discovered that some 40% of banks surveyed receive 160,000 mistaken, redundant, or irrelevant alerts daily. One cause of the alert overload is security tool overload. Here, 73% of the banks surveyed run at least 25 different security tools.

Institutional Challenges Just as Tough as Hackers Themselves

IT well knows the danger of hackers, but those that control the budget purse strings don’t always share IT concerns. The result of minimal buy-in from executive leaders leads to small security budgets, and opens the door further to cybercriminals.

Security Magazine argues that cybersecurity is less of a priority than compliance or supporting high customer satisfaction. “Leaders at smaller firms are often convinced that their firm is not worth the attacker’s time or effort,” the magazine argues. “This leads to a dangerous stance of security complacency, an attitude that nothing further is required to protect the firm, based on their own erroneous assessment of limited risk.”

Taking Security Seriously Requires IT Maturity

We mentioned the institutional challenges that detract from effective and deep security efforts. Accounting firm Deloitte has four levels of IT maturity ranking related to financial institutions’ security profiles, which include:

“Partial: At these organizations, cybersecurity risk management practices are not formalized, and risk is managed in an ad hoc (and sometimes reactive) manner.

Informed: This maturity level is characterized by institutions where management has approved risk management practices, but these practices may not be established as policy across the organization.

Repeatable: Here, an organization’s risk management practices are formally approved and expressed as policy.

Adaptive: At this highest maturity level, organizations adopt cybersecurity practices “based on lessons learned and predictive indicators derived from previous and current cybersecurity activities.”

Get a personalized demo today

Created by M365 experts, for M365 experts.