HOW BANKS CAN ENSURE CYBERSECURITY IS STRONG DURING COVID-19

Alyn Hockey, VP Product Management, Clearswift

For banks and other Financial Services (FS) firms, cybersecurity has become one of the main challenges they have to face. 2019 Clearswift research revealed that 70% of financial companies had suffered a cybersecurity incident in the previous 12 months and less than a quarter of the respondents said they had an adequate level of budget for cybersecurity.

Banks have even more to concern them during the current coronavirus crisis. Keeping employees safe and healthy goes without saying, and banks must also try and keep the business on track. There is also a fresh wave of cyber-attacks to contend with. What cybersecurity threats have emerged from coronavirus and how can banks keep themselves protected?

 

Facing additional coronavirus-based cyber-attacks

The threats that FS firms face can be broadly categorised into two distinct camps – to steal or to disrupt. Stealing personal data that maybe used to compromise customers through their identities being stolen, which in turn can lead to their accounts being ransacked.

Threats that disrupt the trading of a bank cause operational problems and could result in a loss of revenue. Both types of attacks carry similar consequences: reduced business and reduced customer confidence and the risks of heavy fines if personal data is comprised.

Cyber criminals have not been slow to utilise these threats during the coronavirus crisis and with banks operating in a state of greatly heightened anxiety, are more vulnerable than they might be usually. With people concerned about the current situation, banks are receiving more queries from customers about short-term loans and for general business advice and attacks could come from such a route.

There has also been a spike in coronavirus-based phishing campaigns. These are well-crafted, look authentic to the untrained eye and are designed to trick people into opening them. These campaigns prey on people’s concerns about the current crisis and who are more likely to click on a malicious link now than they usually might be.

Homeworking even when not in the grip of such a crisis has security issues, but with many bank employees now working from home, there are further security concerns. Staff may be tempted to access corporate systems via unauthorised home systems, and it’s also true that homeworkers lack the usual office-based security measures – no email and web gateway security, intrusion detection/prevention systems.

 

A varied and evolving threat landscape

The threat landscape faced by FS firms is wide, varied and continually evolving. Malware, ransomware and phishing are all still widely deployed tactics, while social engineering techniques, weaponised documents and weaponised websites change all the time. Keeping up with what is going on is a major challenge for any FS firm and especially so during the coronavirus, with internal security teams over-stretched.

Ideally FS firms will have already prepared for being breached and review this process regularly. Assuming they’ve not created a playbook there are several things they will need to do. Identify how the attack happened and work to contain the situation so that it doesn’t continue. This may involve taking systems offline to perform a thorough investigation. Once they know how it happened, what was impacted and any risk assessed, they can begin working through the process of communicating to customers about what has happened and how it’s being dealt with.

If a data breach concerns personal data, then the entity should contact the Information Commissioners Office (ICO) and Financial Conduct Authority (FCA) within 72 hours of becoming aware of the breach. Once the systems have been restored, then it’s a question of reviewing not only how to secure the entity better through technology and process, but also to evaluate any lessons learnt throughout the breach. When a new plan has been finalised then it should be tested through simulation so that staff can learn how to deal with the next one.

The coronavirus crisis has meant that banks must take cybersecurity even more seriously than before, upping the pace of innovation and deployment of effective data protection and threat mitigation strategies. This includes working with the right technology providers and ensuring that they are using all the features and measures available to them.

While the long-term impact of COVID-19 is yet to be assessed, in the short-term it can act as a trigger for banks to reinforce cybersecurity processes. Reminding employees of the need for extra vigilance is part of this, providing advice and technical help to make sure corporate networks are protected as employees work from home.  With all the other issues presented by COVID-19, no bank needs the further challenge of a data breach.

spot_img

Explore more