IT a risk to itself in the financial sector?

Netwrix has published additional findings for the financial and banking sector from its global 2022 Cloud Security Report.

  • 2 years ago Posted in

Compared to other industries surveyed, financial institutions are much more concerned about users who have legitimate access to their cloud infrastructure. Indeed, 44 percent of respondents in this sector say their own IT staff poses the biggest risk to data security in the cloud and 47 percent worry about contractors and partners, compared to 30 percent and 36 percent respectively in other verticals surveyed.

“Financial organisations experience accidental data leakage more often than companies in other verticals: 32 percent of them reported this type of security incident within the last 12 months, compared to the average of 25 percent. This is a good reason for them to be concerned about users who might unintentionally expose sensitive information. To address this threat, organisations need to implement a zero-standing privilege approach in which elevated access rights are granted only when they are needed and only for as long as needed,” comments Dirk Schrader, VP of security research at Netwrix. “Cloud misconfigurations are another common reason for accidental data leakage. Therefore, security teams must continually monitor the integrity of their cloud configurations, ideally with a dedicated solution that automates the process.”

All sectors say phishing is the most common type of attack they experience. However, 91 percent of financial institutions say they can spot phishing within minutes or hours, compared to 82 percent of respondents in other verticals.

“Even though financial organisations detect phishing quickly, it is still crucial for them to keep educating their personnel on this threat because attacks are becoming more sophisticated,” adds Schrader. “To increase the likelihood of a user clicking a malicious link, attackers are crafting custom spear phishing messages that are directed at the person responsible for a certain task in the organisation and that appear to come from an authority figure. Regular staff training, along with continuous activity monitoring, will help reduce the risk of infiltration”.

Predictive maintenance and forecasting for security and failures will be a growing area for MSPs...
Venafi has published the findings of its latest research report: The Impact of Machine Identities...
Arctic Wolf to enhance its Security Operations Aurora Platform with best-in-class endpoint...
Nearly 50% of organisations have experienced a security breach in the last two years.
New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t...
HP Wolf Security Study highlights cybersecurity challenges facing organizations across the...
Internal test shows estimated scanning speeds of 75,000 backups within 60 seconds.
Deployment allows Korea Hydro and Nuclear Plant (KHNP) to leverage quantum-safe MACsec technology...