Building resilience: Essential strategies for defending against ransomware in financial services

By Mark Nutt – Senior Vice President at Veritas Technologies

Research shows that three in five financial services organisations (64%) were hit by ransomware attacks in the past year, up from 55% in 2022. There’s no getting away from the reality that ransomware attacks in the financial services industry are on the rise, and no organisation is immune to the possibility of falling victim. Regardless of the size of the organisation, financial services companies will always be a prime target for malicious actors.

Due to the huge amounts of sensitive personal and financial data that these organisations hold, the potential damage of such an attack carries greater risk than in other sectors. Once files are encrypted by a successful ransomware attack, organisations are left with painfully few options. Even if they choose to pay the criminals behind the attack, there is no guarantee that their data will be retrievable, and even less that it will not be made public in some way. To make matters worse, the financial cost will nearly always be less than the potential reputational damage, which for financial services organisations is a critical business differentiator: credibility and security are cornerstones of successful operations.


This is why it’s more important than ever to prepare for the inevitable. When ransomware hits, time is of the essence. Financial services firms need to be able to react both quickly and effectively. It is only then that they stand a chance of protecting their most valuable asset – data – from malicious actors.

Rising threats

The ransomware threat is not a new phenomenon. However, with increasing amounts of data, shifts in working habits, and the advancement of modern technologies – such as artificial intelligence – it is certainly gaining momentum. In fact, recent research from Veritas found that ransomware is a very real concern for financial services organisations in particular.

This research analysed the last three years of annual reports for the UK’s FTSE 100 companies, in order to identify the main priority areas of the biggest enterprises. Of the industries reported on, cyber threats appear to weigh particularly heavily on the minds of those operating in the financial services sector. In fact, mentions of ‘cyber-attack’ in financial sector firms’ annual reports have increased by 55% in the last three years. Meanwhile, ransomware mentions were up by 88% from 2020 to 2022.

As a highly regulated industry, responsible for holding vast amounts of personal information on individuals and businesses, financial services organisations have historically been a key target for cybercriminals, and it would appear that the threat is only increasing.

Defending against the inevitable

In today’s world, insuring your digital infrastructure is just as important as insuring your physical one. When it comes to ransomware, failure to prepare really is preparing to fail. Financial services organisations need a comprehensive response plan that is regularly tested, rehearsed, and continually communicated with all key stakeholders. It is only then that they can be on the front foot and act quickly to ensure business resiliency when attackers strike.

A key part of any response plan should be investment in resilient IT systems and robust risk-management processes. As well as reducing the likelihood of any disruption following an attack and improving the business’s overall ability to recover, these two elements will enable financial services organisations to develop strategies to help mitigate the impact of ransomware in the future.

However, it’s not just about investing in modern technologies. Another important part of the puzzle is to invest in the people who use them day in and day out. Organisations should regularly provide training to employees and all service-providing third parties on what to do and how to respond in the face of an attack. Too often, this step gets missed and key business partners do not receive updates to critical communication procedures, resulting in a disjointed approach on the road to recovery.

Once financial sector firms have a response plan in place, it’s critical that they practise how it will be implemented. Regular stress testing is important to ensure that everything is working as it should before it needs to be. Organisations should test their digital solutions and also rehearse the plan with drills and exercises for their employees and service providers. This will help to ensure that everyone knows the plan and their roles and responsibilities during an attack.

The need to act quickly

The threat of ransomware attacks isn’t going away, and financial services organisations must act fast to get ahead of the attackers. A detailed response plan that incorporates both modern technologies and essential employee training is no longer a nice-to-have but an absolute necessity. When an attack happens, everyone must be clear on what actions are needed and the procedures they need to follow. Working together and implementing a well-rehearsed recovery plan is vital, and allows for operational resiliency to be maintained and valuable data to be protected.
