FINANCIAL SERVICES UPDATE
2022 Cybersecurity Awakening
FCI Perspective, April 18, 2022
Recent Exponential Increase in Threats
Daily news confirms the need for better risk management
ALL-TIME HIGH
Cyber momentum was building
- Increase in industry regulation requirements
- More audits from Regulatory Bodies
- Peers have had incidents & breaches
- Attack surfaces increased after pandemic remote work, BYOD & the new normal
REALITY HIT
Many still aren’t prepared
The sensitivity of the Ukraine crisis further pushed Financial Services firms of all types to strengthen cyber defenses with alerts from the White House, SEC, FINRA, CISA, NAIC, FFIEC and more.
NYDFS & CISA Ransomware Industry Guidance
SECURITY ALERTS
In response to geopolitical tensions between Russia and Ukraine and the increase in recent cyber threats
4 Current Major Initiatives
The industry reacts and takes action
1
Evaluate Status
- Inventory Current Security Posture
- Update Cyber Programs & Processe
- Insure Patching of all Applications & Servers
2
Remove Vulnerabilities
- Increase Vulnerability Scans
- Increase Ransomware Awareness
- Offline & Off-Site Backups
3
Strengthen Defenses
- Leverage Cyber Automation
- Increase Zero-Day Readiness
- Conduct Security Assessments
4
Decentralize Cybersecurity
- Ensure Checks & Balances Between Teams & Systems
- Fill Gaps & 24x7 Monitoring with the Right Partners
- Create Redundancy Across Systems
Key Drivers
Cyber
Ongoing Regulatory Compliance
War
Russia / Ukraine
Conflict
Alerts
Increasing Regulatory / Authority Alerts
Numbers Talk
300x
Financial Services firms are more likely to be the victim of a cyberattack than other organizations
46%
of attacks against Financial Services used the phishing technique in 2021
40%
of CISOs time is spent resolving regulatory requirements
22%
of total ransomware attacks in Q3 2021 were in the Banking/Financial sector
1 of 3 Attacks
threat actors used vulnerability exploitation attacks as initial access vector against financial institutions in 2021