- The global financial sector continues to experience exponential increases in cyber-attacks, influenced by geopolitics and Russia’s recent invasion of Ukraine.
- Cybersecurity vendors should not be complacent because of recent positive performances if they are to stay relevant and drive future growth in the financial sector.
Exponential Cyber-Attack Increases in the Financial Sector
The global financial sector has experienced an exponential rise in cyber-attacks over the last four years. Today, this is even more of an issue both from sector and geopolitical perspectives, and Russia’s recent invasion of Ukraine further impacts geopolitical order with a high number of DDoS attacks on both Russian and Ukrainian targets, including the Ukrainian Defense Ministry and Ukrainian banks PrivatBank and Oschadbank.
External market figures suggest that, in 2020 alone, there was an increase of over 200% in cyber-attacks in the financial sector globally. The financial sector is not alone in seeing this increase; we have seen similar attacks in the healthcare and oil & gas sectors. However, in addition to the disruption cyber-attacks cause financial institutions, the impact can potentially be catastrophic from an in-country financial health perspective. Furthermore, the risk this imposes on financial institutions is at a global level, and we have already seen the implications of cyber-attacks across a number of countries over the last year, including: in New Zealand, with outages for Australia & New Zealand Banking Group; attacks on Liquid, a Japanese cryptocurrency exchange; Fiducia & GAD, a German technology operator serving the nation’s cooperative banks that was hit by a DDoS attack; and lastly, attacks on SWIFT, the global financial system’s main electronic payment messaging system, from which hackers attempted to steal more than $1 billion. In addition to all of this, there are also noises that US and European banks are preparing for increased attacks on their financial sector as a way of retaliation by Russia due to sanctions imposed on the country and the removal of its Tier 1 banks from the SWIFT messaging platform.
Accelerators Driving Cyber-Attacks in Finance
As global economies move forward in 2022 and geopolitical international relations descend to an all-time low, the question surely on the minds of financial institutions is not whether but how much banks will suffer financially as a result of future cyber-attacks on the global financial sector.
From a sector perspective, besides the obvious, there are a number of reasons the financial sector is prone to cyber-attacks. Some of these are related to the uptake of modern technology and the transformation that financial institutions are undergoing in the modern digital era. This includes traditional banks increasing the use of digital channels as they compete with fintech companies and address COVID-19, as well as the growth in digital currencies. The other piece of the jigsaw is the regulatory stance; financial institutions have gone through a wave of regulatory changes, particularly around privacy/data and consumer rights. Also, the interconnected nature of banks and financial institutions could potentially affect the solvency of a financial institution in the event of major cyber-attacks.
Ultimately, the motivation behind attacks has been money and, in a number of cases, geopolitical disruption, which potentially will increase. Also, cyber criminals are becoming more knowledgeable of the mechanics with which the financial sector operates, and subsequently are utilizing specialist tools and services to conduct their crimes. This includes ransomware crimes, distributed denial of service (DDoS) attacks, and phishing, which accounted for the majority of attack methods.
Cybersecurity Providers Must Align to Future Financial Sector Risk Management Initiatives
Cybersecurity revenues and stocks have been on the increase, fueled by the rise in cyber-attacks and, more recently, the Russia-Ukraine conflict. This runs counter to declining indexes across the technology industry as a whole. Companies with high-performing share values include Palo Alto Networks, with an increase of 13%; CrowdStrike, at 13%; and Mandiant, up 12%.
Backing all this up, in interactions with GlobalData, cybersecurity providers have highlighted a number of factors driving performance. These include the fact that cybersecurity is now at the heart of customer discussions, the level of disruption imposed on the global economy, and go-to-market successes in vendors strategically aligning product initiatives around next-generation security with more real-time and machine learning capabilities.
However, vendors should not be complacent if they are to succeed in driving future growth.
This is also illustrated in GlobalData’s Cybersecurity Enterprise Strategic Alignment Framework, based on our financial sector work. In particular, in the financial sector, the evolution of risk strategies is likely to transform in the next five years with automated compliance influenced by new requirements, regulations, and how executive board strategies will focus more on managing future risks.
In terms of the specifics, regulations influenced by public concerns impacting technology and cybersecurity will come into play. Some of these currently cover the Payment Card Industry (PCI) Data Security Standard (DSS) and Bank Secrecy Act (BSA). There will also be greater use of machine learning (ML) and big data in the analytics engine, offering much deeper insights to financial institutions in the area of risk management. There will also be greater collaboration across the players connecting the global financial system and standardization on cybersecurity frameworks like NIST 800-53, ISO 27001, and NIST CSF across member states globally. Financial institutions will also need to make further investments in security across the enterprise, with risk teams focusing more on risk management through the complex interplay of technology, people, and process rather than any one thing.
So, what does all this mean for cybersecurity providers in the future? Firstly, based on our discussions with enterprises, the traditional cybersecurity vendor engagement model will have to change to create relevancy and drive growth in the financial sector. Vendors will need to move away from simply engaging and serving the IT and CISO function within an organization, and instead embed themselves and their capabilities in the risk management decision process around corporate objectives and the role security plays in that chain. Vendors will also need to align cybersecurity to business priorities, often working from the top down with different teams in a client organization outside the IT function in mapping out how a cybersecurity strategy will support business unit outcomes and business plans.
Lastly and more importantly, cybersecurity is now a board-level issue, and too many vendors are only engaging at the IT/CISO departmental level (not to say that isn’t important). There needs to be greater involvement at the executive board level, working closely with the board as a ‘trusted advisor,’ participating in or even driving cybersecurity risk governance and steering committees to help minimize the risks imposed on the company through a defined cybersecurity framework. Partnerships with third-party specialist advisories serving the financial sector will be key.
GlobalData’s Cybersecurity Enterprise Strategic Alignment Framework
Source: GlobalData, Enterprise Technology Services Practice