Financial Services, the golden target for cybercriminals: How AI-driven security solutions are safeguarding the sector

Steve Bradford, Senior Vice President, EMEA, at SailPoint

Financial services is one of the most regulated and well-resourced sectors when it comes to cybersecurity. Yet it’s also one of the biggest targets for increasingly sophisticated cybercrime, with hackers seeking its lucrative assets. In 2023, the number of ransomware attacks in the financial industry rose by nearly two thirds (64%), almost doubling compared to 2021.

Data is the currency of the digital business world and enables banks and other financial organisations to gain insight and make better informed decisions. However, as much as data is an asset, the more organisations create and store this, the more the attack surface grows if it’s not protected properly.

Cybercriminals are increasingly utilising sophisticated tools, fuelled by the growth in AI, to enter organisations. They are also capitalising on opportunities presented by the vast amounts of data that organisations now store and are struggling to keep track of. Financial services organisations must advance their security measures to stay a step ahead of the ever-developing threat landscape, ensuring data is stringently managed and secured.

Elevated risk – from third-party access to unstructured data  

Nearly half of enterprise workforces today comprise a variety of non-employee identities. That means in addition to full-time and part-time employees, there are many individuals external to an organisation that are operating within it – for example third-party contractors, freelancers or temporary workers, who are all frequently tapping in and out of organisational networks. All these identities will have different access requirements, which is challenging to keep track of – particularly if organisations lack oversight on who can access what data, when and why.

This is made more complicated by the rapid growth of unstructured data, which reportedly comprises almost 80% of data in banks. Information from customer interactions, or contained within spreadsheets, email files, video and audio formats, means organisations can lack visibility into where the data lives, not to mention who owns it.

This is leading organisations to over-provision access – granting too much access beyond what roles and responsibilities should allow. In fact, our research found 72% of businesses have inappropriately granted access to sensitive data, citing challenges including unprecedented growth in the amount of unstructured data, difficulty knowing where unstructured data resides, challenges with appropriate governance, and lack of automation.

With more user access points, this creates a bigger attack vector for cyber criminals, increasing the possibility of being breached. In fact, 78% of the businesses surveyed reported that a security issue has resulted from improper access.

Without visibility over who has access to what, and when, hackers could be operating unnoticed. This underpins a clear disconnect between most organisation’s security goals and the reality of securing critical data and information. When you consider that the average breach in 2023 was only identified after 204 days, the potential for hackers to infiltrate and steal critical data and information on an ongoing basis is huge.

Financial losses – just the tip of the iceberg

The average cost of a data breach globally reached an all-time high last year, skyrocketing to $4.45 million. Yet the implications go beyond financial loss. Our research found one-third of respondents cited reputational damage occurring as a result of providing inappropriate access to critical data. Not to mention the operational downtime, customer loss, and system restoration that can also follow on from a data breach.

To help prevent attacks, organisations need to get on the front foot with protecting their data – not wait to be led by government regulation or red tape. Ahead of regulation like NIS2 and DORA which come into effect over the next 12 months, UK companies are making headway, putting the correct processes in place to secure their data. However, companies still have a way to go and must actively prioritise better protection for themselves and their customers.

Implementing effective policies and procedures

To prepare for potential attacks, financial institutions need to put policies and procedures in place for risk analysis to assess the effectiveness of cybersecurity risk management measures. Some examples of this include ensuring access is disabled when employees or contractors stops working for you and avoiding using ‘generic’ accounts (accounts that are not tied to a named individual). Organisations should also put approval and risk analysis processes in place when granting access to critical applications, to prevent situations that could lead to fraud or data leakage.  

Through a unified, AI-enabled approach to identity security, organisations can ensure that staff have only as much access as is required to perform their assigned roles and responsibilities – no more, no less. Using AI also speeds and streamlines identity decisions, something crucial given the pace at which businesses – and cyber threats – are evolving. This enables identity teams to move faster and more effectively to spot and stop unnecessary, inappropriate, or potentially compromised access.  

Safeguarding data is business critical. With the stakes higher than ever before, financial services must make full use of the available AI-driven tools and technology to gain better visibility and insight into the specific risks associated with user access. A carefully considered approach to identity security, with stringent policies on how access to data is managed and controlled, will help businesses stay one step ahead of cybercrime.


Most Popular