Share

Related Stories

  • Zeus Variant Contains Legitimate Certificate
    A new variant of the Zeus banking Trojan, which Comodo Antivirus Labs is calling “extremely dangerous,” is being used by hackers to launch attacks that obtain the login credentials of visitors to online banking sites and commit financial fraud.
  • Financial Markets: A Playground for Cybercriminals
    The financial markets are supposed to be transparent, and efficient. But what happens if cybercriminals begin playing with them, and would we even know it was happening? Danny Bradbury investigates
  • IBM Combats $3.5 Trillion in Fraud Losses with Broad-ranging Initiative
    Digital channels such as mobile devices, social networks and cloud platforms offer the perfect connected footprint for bad actors probing for weaknesses and vulnerabilities to carry out everything from tax evasion, money laundering and cyber-attacks to threats from inside the organization. So, looking to take on the scammers and the grifters, IBM has announced a new initiative to use Big Data and analytics to address the $3.5 trillion lost each year to fraud and financial crimes.
  • Enterprises Set to Increase Security Budgets
    As the threat landscape gets more and more complex when it comes to cybersecurity, a beacon has appeared in the shifting seas: it looks like enterprises will have a strong budget for security projects in 2014. Compliance, mobility and access management are all spurring project spending.
  • Credit Card Details of 20 Million South Koreans Stolen
    In a classic 'insider' breach, an employee of the Korea Credit Bureau (KCB) has been arrested for stealing and later selling the personal details of millions of South Koreans to phone marketing companies. The Financial Supervisory Service (FSS) has said that the credit card firms will cover any financial losses suffered by customers through this incident.

Top 5 Stories

News

Financial Services Firms Plan to Increase Cybersecurity Spending

16 April 2014

Heartbleed, Zeus, insider threats and more: the financial services sector is under constant attack as cybercriminals look to lift user data and siphon off funds from accounts. The good news is that almost two-fifths (38%) of financial services firms in a recent survey plan to boost spending to combat cyber-crime over the next 12 months.

According to the latest CBI/PwC survey, the biggest increase in spending will be seen in sectors that reported low growth six months ago, including investment management, which plans to increase spending by 76%.

"Cyber-crime is a major threat to the UK's financial services sector, as fraudsters increasingly turn to technology as their main crime tool,” said Richard Horne, cybersecurity partner at PwC, in a statement.
“These figures show that an increasing number of UK financial services companies are taking cybersecurity seriously. Non-banking companies are sharply increasing their spend and banks, which have invested heavily for years in cyber-defenses, are continuing their level of spend. This demonstrates that even companies with mature cyber security capability need to continue to invest, as the threat is so dynamic.”

That said, where the investment goes needs to be strategic rather than broadside. As the digital channel in financial services continues to evolve, cybersecurity has become a business risk, rather than simply a technical risk.

"Spending on cyber security needs to carefully targeted – but also evaluated to ensure it's being spent where it can be most powerful,” Horne added. “Financial services companies are becoming more dependent on digital processes, and therefore more vulnerable to cyber-attack. In addition the threat is incredibly dynamic, so defense strategies need to be constantly evaluated and refined."

The report found that regulatory compliance remains the top driver of security spending for financial services respondents (44%), and that compliance is a higher priority than it is in other industries (the average was 30%). That’s not surprising given the fact that financial services is a highly regulated industry, but a security model centered on existing compliance standards will not adequately address today’s evolving security threats.

Other top priorities driving spending are business continuity and disaster recovery (40%); economic conditions (39%); company reputation (38%); internal policy compliance (38%); and business transformation (34%).

The banking industry is working on upping its preparedness, most visibly via exercises like Waking Shark II, which tested the UK banking sector’s response to a sustained and intensive cyber-attack. Waking Shark II was organized by the Securities Industry Business Continuity Management Group which drew on extensive cyber expertise to design a scenario in which a cyber-attack caused disruption to wholesale markets and the financial infrastructure supporting those markets.

Horne said that "The recent Waking Shark 2 exercise in the city showed that the financial services industry and its regulators have made progress in beginning to pull together a coordinated response to the cyber threat. It also makes clear that all companies need a clear understanding of the cyber threats and the measures they need to take to be confident in their ability to manage the risk. 

This article is featured in:
Business Continuity and Disaster Recovery  •  Compliance and Policy  •  Industry News

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×