Why the finance sector needs to step up its cyber preparedness for the future

2022 will rightly be remembered as 'the year of a fundamental restructuring of cybercrime.' Several geopolitical events and economic turmoil led to the emergence of cybercrime-as-a-service last year. Now as formidable as multinational corporations, cybercrime cartels carry out advanced attacks that look beyond just exploitation and extortion. A greater cause for worry is that they are becoming more organized and are backed by nation-state-sponsored resources.

Besides the cost-of-living crisis in some parts of the world and a global recession on the horizon, cyber threats pose a significant danger to the finance sector's growth, reputation, and stability. For example, 1 in 4 malware attacks targeted financial services industry (FSI) firms in 2022, with the average cost per company shooting up to $18.3 million. This turbulent scenario has resulted in many financial enterprises doubling down on risk mitigation and security advisory services. Geopolitical risks (71%), increasing AML regulations (70%), and evolving cyber threats (69%) are the top external trends impacting costs, according to a leading research provider for audit, tax, and security.

Geopolitical tensions

The Russia-Ukraine political standoff revealed the ugly face of cyber attacks. Studies show that many cybercriminal groups have punitively launched sophisticated attacks on public and private enterprises. According to reports, they sought to destroy, disrupt, or degrade victim systems by taking actions such as encrypting files, deleting data, destroying hard drives, terminating connections, or executing malicious code.

Anti-Money Laundering (AML) violations

Escalating geopolitical tensions have given rise to money laundering, corruption, and sanctions. This is evident from the recent sanctions (travel bans, asset freezes, arms embargoes, and trade restrictions) against Russia and Belarus related to the war in Ukraine. In addition, wide-ranging new regulations and legislation have been implemented since 2021. The U.S. Government also made significant changes to the Bank Secrecy Act and National Defense Authorization Act for the fiscal year 2021. But sometimes, such sanctions face technological gaps, which include:

- Disparities between algorithms resulting in overpowering false positives
- Poor search capabilities
- Duplication or hampering of investigative efforts

Such gaps and increasingly stringent norms cost institutions valuable time and effort. Moreover, technological gaps in sanctions programs have been exploited by rogue elements and reportedly caused reputational damage, civil penalties, or enforcement actions.

Financial market manipulation

Of late, non-public market information has been identified as a significant asset by cybercrime cartels. This can be observed in the way attacks are carried out. They have evolved from plain heists to exhaustive strategies that take down a company's share price. A survey cited that almost 25% of finance leaders agreed that market data was the primary target for cyberattacks on their financial institutions. Criminal elements go after corporate strategies that can help them infiltrate and digitize insider trading and front-run the market.

How can the global finance sector leverage modern technology and evolve its strategies to meet the above challenges?

Data is a critical element that can help businesses effectively address inefficiencies and limitations. For instance, when it comes to AML, businesses can rethink their strategies based on data-derived insights. Data can be collected from several points to visualize the movement of funds, transaction channels, and devices used. This can provide vital intelligence about beneficiaries' accounts and account holders. In addition, the automated Suspicious Activity Report (SAR) can help businesses increase efficiencies during geopolitical or AML crises.

Another impactful solution is hiring talent with specialized skill sets. Here, hiring managers have a greater responsibility. Understanding the needs and challenges of the enterprise and analyzing the skill sets required for the role can go a long way in providing a correct brief to the subordinates who post the vacancy. This would enable them to act effectively on the search for specialized talent: where to find it and what remuneration is appropriate.

A robust Zero Trust Network architecture (ZTNA) should be in place for the finance sector to thwart imminent cyber threats. This could be especially helpful for enterprises in hybrid/remote mode. Latest artificial intelligence (AI) innovations include multi-factor authentication, continuous validation, smart monitoring, least privilege, and micro-segmentation. Studies have revealed that businesses that adopted ZTNA saved almost 20% in both Operational Expenditure (OPEX) and Capital Expenditure (CAPEX).

FSI Chief Information Security Officers (CISOs) and other security practitioners must evaluate the rapidly evolving threat landscape to make their associated businesses more resilient. There is a need for a complete rethinking of FSI strategy in terms of AI-based security tools, vendor consolidation, and intelligent investment in comprehensive platforms to enable functionalities that include extended detection and response (XDR), endpoint detection and response (EDR), and security orchestration, automation, and response (SOAR). Joining forces with professional security advisory services can help financial enterprises improve their future cyber preparedness and effectively tackle unprecedented cyber threats.
