- Shortage of skills and high volume of threat alerts pose biggest challenges to cybersecurity programmes
- Preventing fraud and data leaks are key security priorities
The Banking and Financial Services sector is struggling with a skills shortage along with the sheer volume of threats and alerts as it continues its ongoing battle against cybercrime. This is according to a Twitter poll conducted by cyberthreat intelligence provider Blueliv. With financial organisations a prime target for attacks, preventing fraud and data leakages is key to the sector’s security strategies – but it is getting harder as cyberthreats become increasingly diverse, sophisticated and malicious.
Rise in banking Trojans
The poll revealed that roughly a third of respondents are concerned about the impact banking Trojans (31 percent) and mobile malware (28 percent) will have on financial services organisations and their customers in 2020. This is in line with Blueliv’s latest cyberthreat intelligence report for the financial services sector, now available here.
Tracking the latest evolving threats, Blueliv’s researchers observed a 283 percent increase in botnets relating to Trickbot as well as a 130 percent increase in Dridex botnets. These botnets are linked to the distribution of banking Trojans and other malware families targeting the financial services sector.
Blueliv’s report also highlights that malware targeting mobile apps is one of the most rapidly developing threats to the financial services sector, with functionalities that allow criminals to gather user credentials as well as steal funds from mobile users’ bank accounts. This is partly driven by the fact that cybercriminals can now easily buy malware builders in underground forums, and that these often include advanced evasion techniques so the malware remains undetected on infected devices.
Fraud prevention most crucial security element
While the financial services sector – by its very nature – has some of the most mature cyberdefense strategies and is ahead of many other industries in detecting and preventing economic crime, weak spots remain in some organizations’ fraud risk assessments. This is underlined by the fact that 35 percent of poll respondents named fraud prevention the most crucial element to an ongoing cybersecurity strategy. Unauthorised transmission of data from within an organisation to external recipients is another key concern, with 31 percent of respondents considering the prevention of data leaks the most important.
Just under a quarter (24 percent) would focus their security strategy around regulation and compliance requirements such as GDPR; in contrast to this, the same number of respondents (25 percent) named regulatory issues as the biggest challenge for financial services institutions developing ongoing security programmes.
Visibility of threats is a challenge
According to the poll, financial services organizations encounter a range of issues as they build their security programmes – the most pressing being a shortage of skills (28 percent), followed by the high volume of threats and alerts (26 percent) and a lack of visibility into cyberthreats (20 percent). This is hardly surprising: as financial services institutions (FSIs) embrace digital processes and new customer interaction channels, so their attack surface grows, making it harder to keep on top of threats ranging from Point-of-Sale (PoS) to ATM malware, mobile apps malware to card skimmers.
“Organizations in the financial sector face a constantly changing threat landscape,” commented Daniel Solís, CEO and founder, Blueliv. “Business priorities have shifted and digital risk management is now central. Because they are such high-value targets for cybercriminal activity, it is imperative that financial services organizations monitor what is happening both inside and outside their networks in real-time to create effective mitigation strategies before, during and after an attack.”
Solís continued, “FSI security teams can be easily overwhelmed by the number of threat alerts they receive which can very quickly result in alert fatigue and desensitisation to real, preventable threats. Threat intelligence can address the cyberskills gap through continuous automated monitoring combined with human resource to provide context, helping FSIs develop highly-targeted threat detection, prevention and investigation capabilities.”
Attracting 11,380 responses, the Blueliv Twitter poll was conducted during the week of 25 November 2019.
CAPITAL MARKETS PARTICIPANTS HAVE HIT A WALL WITH COMPLIANCE, NEW INTERNATIONAL STUDY FINDS
The research suggests that many broker-dealers and other trading entities have come to a fork in the road, where they must choose between continuing to budget and plan for new IT/data projects ad infinitum, or find a more sustainable approach to real-time reporting -which satisfies the needs of multiple regulators. Jordan Ambrose, CEO of Inforalgo, drills down into the deepening challenges as Capital Markets succumb to regulatory overload.
More than a decade on from the last major financial markets crash, which triggered the spiralling regulatory scrutiny that has been seen across financial markets in recent years, the majority of Capital Markets participants continue to battle with compliance-related complexity – which has now reached a peak.
The severity of the pain these firms are enduring is highlighted in new research commissioned by Inforalgo. Set out in the report, Meeting the challenges: Compliance and obligations across regulatory regimes, the study finds that the practical issues are universal. (Half of the research respondents were based in Europe, almost a third in North America, eight per cent based in Africa and just over two per cent in Asia.) The findings are timely too: the survey was conducted between September and November 2019, at a time when the Consolidated Audit Trail was looming large for trading entities, adding to what already feels to be an untenable compliance workload. Indeed, many firms are still reeling from the introduction of MiFID II two years ago. Almost 70 percent of those surveyed said this had had the most significant impact on their firm over the last 12 months.
Enough is enough
Increasing changes and updates to requirements, and varying needs between different markets around the world, is causing particular fatigue and frustration. Adding to existing reporting burdens are the MAS overhaul in Singapore, FINRA’s CAT requirements, and adjustments to EMIR Refit and MiFID II in Europe.
Without exception, all respondents flagged short preparation windows as a major source of anxiety, with eight percent listing this as their greatest compliance-related concern of all. Related to this is the scale of the work to be done. Half of respondents indicated serious concerns around the volume of transactions or transaction sizes to be reported, while all survey participants worried about their ability to interpret the rules correctly.
The call for near-live data feeds prompts firms to seek external help
Seeking relief from this relentlessly stressful situation, 45 per cent of market participants said they were looking to outsource their regulatory obligations to one or more external partners, as a more sustainable long-term approach. This is driven not just by soaring regulatory workloads, but also by the growing demand for real-time reporting.
Under Europe’s MiFID II, for instance, trading venues and certain categories of investment firms must publish volume and price within 15 minutes of a completed trade of equity or similar products. In the US, broker-dealers facing CAT are looking for solutions that capture and manage data in real-time, to ensure reports are made according to the rules’ tight timeframes.
Drastically reducing the amount of time a firm has between execution and filing reports, significant pressure has been put on the market in terms of internal resource – as well as finding the right ‘Regtech’ solution to ensure compliance. Asked what the most important real-time regulatory reporting functions market participants look for in a solution, more than 50 per cent of survey respondents cited data insight or analytics, an intuitive front-end user experience for operations and compliance teams, and real-time reconciliation.
Practical worries ranking highly among market participants ranged from the cost of resourcing compliance projects, to rising concerns about punitive fines and reputational damage if firms are caught out – whether by missing deadlines, or submitting inaccurate or incomplete data.
Data complexity and system interconnectivity are increasingly critical concerns too. It is dawning on market participants more than ever how much duplication of effort is involved when data has to be repeatedly input between multiple systems, because these are not connected or compatible to enable reliable data flow and automated data exchange and reporting.
Time to stop reinventing the wheel
The biggest realisation for market participants is that continuing with their existing approach to reporting compliance is unsustainable – practically, financially and resource/time-wise.
To this end, over a third (39 per cent) of respondents acknowledged that any viable future solution must begin with a more holistic and consolidated approach to trade data. Specifically they acknowledged the value of creating a single, reliable ‘golden source’ of data that can feed everything else, with many firms noting a Regtech solution offering to deliver would hold significant appeal.
Ideally firms need to get ahead of evolving regulatory demands, to the point that they are able to deliver accurate, complete and current data to any authority, in any market, anywhere in the world – both now and in the future. If this means leaning on external services, for instance a cloud-based data management platform/managed service, then so much the better. Such an approach would also offer a means of rationalising already unwieldy and costly-to-manage technology estates.
Probably the biggest realisation of all is that all market participants share the same pain, and have reached similar conclusions about the changes they now need to make – so that compliance becomes more manageable and less of a drain on resources going forward.
The author is the CEO at Inforalgo, the capital markets data automation specialists. You can download a copy of the full report, Meeting the challenges: Compliance and obligations across regulatory regimes, here
BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND
battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today that it successfully closed its seed financing round with backing from leading strategic and venture capital investors.
Atlanta, Georgia-based Fintech Ventures Fund has invested in the company, joining existing investors Greenlight Re and Tangiers Group. This investment will be used to expand software development, hire sales and business development personnel, and further the company’s global reach.
battleface is led by a team of travel insurance experts. CEO Sasha Gainullin previously developed global operations for AIG Travel Guard and has worked with battleface since its inception. Managing Director Paul Simmonds brings experience as a Lloyd’s of London underwriter with previous leadership roles at Berkley Syndicate, CNA Hardy, Brit, and Goshawk.
“We got our start because many travellers couldn’t find the right insurance products with coverage for their unique travel destinations and real needs,” said Gainullin. “With the latest investment from Fintech Ventures Fund, we’ll continue to expand our B2B partnerships custom-building travel insurance solutions for groups, including business and NGO travellers, associations and membership-based organisations.”
battleface combines innovative technology and underwriting to create, distribute and service specialty travel insurance products for people in both retail and wholesale. Products are supported by a network of 24/7 assistance coordinators, medical providers and on-the-ground field agents who provide emergency claims, medical and travel assistance services on a global basis.
Fintech Ventures Partner Lucas Timberlake said: “A core area of our fund’s investment thesis is that technology can be leveraged to more efficiently provide insurance products to markets that have been underserved by current offerings. We believe that battleface’s seasoned management team will create an industry leader in the travel insurance space. It is for these reasons that we are excited support the company’s future growth.”
HOW ENTERPRISE INFORMATION MANAGEMENT, CLOUD AND ANALYTICS WILL IMPACT FINANCIAL SERVICES IN 2020
Richard Mill, director at Business Systems (UK) Ltd Business Systems’ Will Davenport on which drivers of change will most...
CAPITAL MARKETS PARTICIPANTS HAVE HIT A WALL WITH COMPLIANCE, NEW INTERNATIONAL STUDY FINDS
The research suggests that many broker-dealers and other trading entities have come to a fork in the road, where they...
BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH
By Victor Acin, Threat Intelligence Analyst, Blueliv Financial services firms are increasingly being told to embrace disruption in order...
THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY
U Htoo Htet Tay Za, Managing Director, AGD Bank Myanmar’s economy is one of the fastest growing in Asia...
WHY 2020 IS THE RIGHT TIME FOR FS MODERNISATION
Chris McLaughlin is chief product and marketing officer at Nuxeo Few would argue against the notion that the UK...
WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?
By Roberts Lasovskis, Investment Platform Lead, TWINO It’s a new year; time for resolutions and forward planning, positivity and...
WHY MAKING MONEY ON YOUR MOBILE IS EASIER THAN YOU MIGHT THINK
Aaron Brooks, Co-Founder of Vamp For Millennials and Generation Z, becoming a social media influencer is an increasingly desired...
DIFFERENTIATION – THE KEY TO THRIVING IN A SATURATED MARKET
Graham Glass, CEO of Cypher Learning What has enabled Cypher to continue to grow in an increasingly saturated market?...
WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?
By Ken Timsit, ConsenSys Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting...
FIVE FINANCIAL SERVICES TRENDS FOR 2020: BIGTECHS SWOOP IN, BANKS GO ON THE OFFENSIVE AND CRYPTOCURRENCY STALLS
Rahul Singh, president of financial services at HCL Technologies We’ve just finished a very exciting decade in financial services, with new...
COMBATING INSURANCE FRAUD WITH MACHINE LEARNING
By Georgios Kapetanvasileiou, Analytical Consultant at SAS Most insurance companies depend on human expertise and business rules-based software to...
DELIVERING SUCCESSFUL IT SYSTEMS THROUGH THE POWER OF PARTNERSHIPS
By Mike Smith, Executive Director, Virgin Media Business (Direct) Is there anything more frustrating than finding out your bank account...
BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND
battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today...
VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES
HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach Leading customer onboarding and KYC technology...
WHY NEOBANKS ARE ON THE RISE IN THE UK
New research by SmallBusinessPrices.co.uk analyses how neobanks are on the rise and why they’re so popular amongst consumers compared to...
RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020
Marie Tatibouet is the CMO at Gate.io It has been a bold and progressive year for the digital asset...
WILL HONG KONG REMAIN THE JURISDICTION OF CHOICE FOR OFFSHORE BANKING?
Hong Kong has traditionally been seen as a tax haven and the financial hub of Asia, if not the world....
HOW CHARITIES CAN MEET TOMORROW’S DIGITAL CHALLENGES?
By Steve Georgiou, Business Consultant at Xpedition Charities are under constant scrutiny for how they handle their finances. Budgets...
RECALL YOUR REPUTATION: HOW TO HANDLE PRODUCT RECALLS
By Alex Balcombe, Partner at Harris Balcombe John Lewis, Tesco, and Hotpoint have all been in the news in...
THE WORLD’S MOST ENTREPRENEURIAL COUNTRIES PERFECT TO START A BUSINESS IN
Latona’s has analysed The Global Entrepreneur Monitor data to reveal the world’s most entrepreneurial nation. Analysing each country by a...