Connect with us

Banking

From Dwell to Destruction: the evolution of cyber attacks in the financial services sector

Published

on

By Tom Kellermann, Head of Cybersecurity Strategy at VMware

 

The last couple of years has not only seen an increase in the number of cyber-crime cartels in Europe, but a significant increase in the sophistication of their operations too. According to research by the UK cabinet office, the UK experiences the highest number of cyber-crimes in Europe every year, followed by France.  Powerful cybercriminal groups now operate like multinational corporations and are relied upon by traditional crime syndicates to carry out illegal activities such as extortion and money laundering. These cartels are more organised than ever before and enjoy greater protection and resources from the nation-states that view them as national assets.

Howler-Tom-Kellermann-

With this ground truth serving as the backdrop for the threats facing financial institutions, I interviewed 130 financial security leaders and CISOs from around the world for VMware’s  fifth edition of the Modern Bank Heists report. This year’s findings should serve as a warning to the financial sector that attackers are moving from dwell to destruction:

 

Geopolitical Tension Is Metastasizing in Cyberspace

Cybercriminals targeting the financial sector often escalate their destructive attacks in order to burn evidence as part of their counter incident response. Our report found that 63% of financial institutions experienced an increase in destructive attacks, a 17% increase from last year. Destructive attacks are launched punitively to destroy, disrupt, or degrade victim systems by taking actions such as encrypting files, deleting data, destroying hard drives, terminating connections, or executing malicious code. In fact, we’ve recently witnessed destructive malware like HermeticWiper being launched following Russia’s invasion of Ukraine. Notably, the majority of financial leaders I spoke to for this report stated that Russia posed the greatest concern to their institution.

 

The Year of the RAT

Financial institutions were certainly not immune to the recent resurgence of ransomware. 74% of financial security leaders experienced one or more ransomware attacks in the past year, and 63% of those victims paid the ransom. This is a staggering statistic.

One of the reasons that traditional crime syndicates have become loyal dark web customers is because of the well-funded ecosystem of readymade and available ransomware kits. Cybercrime cartels, such as the Conti ransomware gang, have made it as easy as possible for their associates to launch ransomware attacks on critical industries like the financial sector.

A technical analysis in the VMware Threat Analysis Unit’s latest threat report provides a view into the proliferation of ransomware and how Remote Access Tools (RATs) help adversaries gain control of systems. Ransomware has a sinister relationship with these RATs, given these tools allow bad actors to persist within the environment and establish a staging server that can be used to target additional systems. Once an adversary has gained this limited access, they will typically work to monetise it by relying on the victim’s data for extortion (including double and triple extortion) or through stealing resources from cloud services using cryptojacking attacks.

 

Manipulation of Financial Markets

Cybercrime cartels have realised that the most significant asset of a financial institution is nonpublic market information. 2 out of 3 (66 percent) of the leaders I interviewed experienced attacks that targeted market strategies, and 1 in 4 (25 percent) stated that market data was the primary target for cyberattacks on their financial institution.

What exactly are these cybercrime cartels looking for? We’re witnessing an evolution from bank heist to economic espionage, where cybercriminals target corporate information or strategies that can affect the share price of a company as soon as it becomes public. This information can then be used to digitise insider trading and front-run the market. Our report also found that 44% of Chronos attacks targeted market positions. A Chronos attack involves the manipulation of time stamps – a concerning development considering how critical of a role the clock plays in the markets.

 

Defense Is the Best Offense

Security has become a top-of-mind issue for financial sector leaders. According to our report findings, the majority of financial institutions plan to increase their security budget by 20-30% this year and named extended detection and response (XDR) as their top security investment priority.

As security leaders, we know that a strong defence is the best offense. Modern threat hunting on a weekly basis should be adopted as a best practice to help security teams detect behavioural anomalies, as adversaries can maintain clandestine persistence in an organisation’s system. Our report found that currently, only 51% of financial institutions are conducting weekly threat hunts. I am hopeful that this number will jump in next year’s report as threat hunting programs have multiple outputs beyond finding a cybercriminal, such as fuelling threat intelligence.

In today’s evolving threat landscape, cybersecurity has become a brand protection imperative. Trust and confidence in the safety of financial institutions depends on effectively avoiding, mitigating, and responding to modern cyber threats. As governing bodies introduce new regulations and levy hefty fines, it is time for the sector to take control and get one step ahead of the cyber cartels.

 

 

 

 

 

Banking

Wealth Managers and the Future of Trust: Insights from CFA Institute’s 2022 Investor Trust Study

Published

on

Author: Rhodri Preece, CFA, Senior Head of Research, CFA Institute

 

Corporate responsibility is more important than ever. Today, many investors expect more than just profit from their financial decisions; they want easy access to financial products and to be able to express personal values through their investments. Crucial to meeting these new investor expectations is trust in the financial services providers that enable investors to build wealth and realise personal goals. Trust is the bedrock of client relationships and investor confidence.

The 2022 CFA Institute Investor Trust Study – the fifth in a biennial series – found that trust levels in financial services among retail and institutional investors have reached an all-time high. Reflecting the views of 3,588 retail investors and 976 institutional investors across 15 markets globally, the report is a barometer of sentiment and an encouraging indicator of the trust gains in financial services.

Wealth managers may want to know how this trust can be cultivated, and how they can enhance it within their own organisations. I outline three key trends that will shape the future of client trust.

 

THE RISE OF ESG

ESG metrics have risen to prominence in recent years, as investors increasingly look at environmental, social and governance factors when assessing risks and opportunities. These metrics have an impact on investor confidence and their propensity to invest; we find that among retail investors, 31% expect ESG investing to result in higher risk-adjusted returns, while 44% are primarily motivated to invest in ESG strategies because they want to express personal values or invest in companies that have a positive impact on society or the environment.

The Trust Study shows us that ESG is stimulating confidence more broadly. Of those surveyed, 78% of institutional investors said the growth of ESG strategies had improved their trust in financial services. 100% of this group expressed an interest in ESG investing strategies, as did 77% of retail investors.

There are also different priorities within ESG strategies, and our study found a clear divide between which issues were top of mind for retail investors compared to institutional investors. Retail investors were more focused on investments that tackled climate change and clean energy use, while institutional investors placed a greater focus on data protection and privacy, and sustainable supply chain management.

What is clear is that the rise of ESG investing is building trust and creating opportunities for new products.

TECHNOLOGY MULTIPLIES TRUST

Technology has the power to democratise finance. In financial services, technological developments have lowered costs and increased access to markets, thereby levelling the playing field. Allowing easy monitoring of investments, digital platforms and apps are empowering more people than ever to engage in investing. For wealth managers, these digital advancements mean an opportunity for improved connection and communication with investors, a strategy that also enhances trust.

The study shows us that the benefits of technology are being felt, with 50% of retail investors and 87% of institutional investors expressing that increased use of technology increases trust in their financial advisers and asset managers, respectively. Technology is also leading to enhanced transparency, with the majority of retail and institutional investors believing that their adviser or investment firms are very transparent.

It’s worth acknowledging here that a taste for technology-based investing varies across age groups. More than 70% of millennials expressed a preference for technology tools to help navigate their investment strategy over a human advisor. Of the over-65s surveyed, however, just 30% expressed the same choice.

 

THE PULL OF PERSONALISATION

How does an investor’s personal connection to their investments manifest? There are two primary ways. The first is to have an adviser who understands you personally, the second is to have investments that achieve your personal objectives and resonate with what you value.

Among retail investors surveyed for the study, 78% expressed a desire for personalised products or services to help them meet their investing needs. Of these, 68% said they’d pay higher fees for this service.

So, what does personalisation actually look like? The study identifies the top three products of interest among retail investors. They are: direct indexing (investment indexes that are tailored to specific needs); impact funds (those that allow investors to pursue strategies designed to achieve specific real-world outcomes); and personalised research (customised for each investor).

When it comes to this last product, it’s worth noting that choosing advisors with shared values is also becoming more significant. Three-quarters of respondents to the survey said having an adviser that shares one’s values is at least somewhat important to them. Another way a personal connection with clients can be established is through a strong brand, and the proportion of retail investors favouring a brand they can trust over individuals they can count on continues to grow; it reached 55% in the 2022 survey, up from 51% in 2020 and 33% in 2016.

 

TRUST IN THE FUTURE

As the pressure on corporations to demonstrate their trustworthiness increases, investors will also look to financial services to bolster trust. Wealth managers that embrace ESG issues and preferences, enhanced technology tools, and personalisation, can demonstrate their value and build durable client relationships over market cycles.

Continue Reading

Banking

2022 ESG Investment Trends

Published

on

Jay Mukhey, Senior Director, ESG at Finastra

 

Environmental, Social and Governance (ESG) themes have been front and center throughout the pandemic. While the framework has been surging in popularity for several years, COVID-19 served as a period of reflection causing many companies, investors and other individuals to take these factors seriously. It’s something that we can no longer afford to ignore.

Jay Mukhey

We are witnessing drought, adverse weather patterns, hotter climates, and wildfires with more regularity, raising the profile of the climate crisis. Efforts were renewed at COP26 in Glasgow last November to help address the challenge, with the signing of the Glasgow Climate Pact and agreement of the Paris Rulebook. As a result, we are now seeing record net new inflows into ESG investing and impact.

 

Evaluating ESG criteria

Long gone are the days when ESG issues were at the periphery of a company’s operations. In just a few short years, ESG criteria have become a key metric for investors to evaluate businesses they are considering investing in.

Investor money has poured into funds that consider environmental, social and governance issues. Data from the US SIF Forum for Sustainable and Responsible Investment shows that ESG funds under management have now reached more than $16.6 trillion. It’s not just institutional investors who are embracing ESG, with Bloomberg Intelligence predicting that savers across the world will amass £30.2 trillion in ESG funds by the end of the year.

Due to the multitude of divergent factors that contribute to a company’s success on ESG, it can be tricky to pin down exactly what criteria to measure. Depending on the industry a company operates within, environmental criteria could include everything from energy usage, the disposal of waste and even the treatment of animals.

Social criteria are primarily related to how a company conducts itself in business relationships and with stakeholders. For example, does it treat suppliers fairly? Is the local community considered when the business makes decisions that would impact them? Do they have a statement and policy around modern slavery?

While governance criteria have traditionally been an afterthought, this may be changing. Everything from executive pay to shareholder rights and internal controls are relevant to investors within these criteria.

 

Tracking ESG for competitive advantage

Many experts within the financial services industry point to the power of ESG as a major competitive advantage, if used correctly. It has been noted that increasingly corporations, from big Fortune 500 companies down to small scale-ups, will communicate on their sustainability metrics to grow their business and to attract talent. However, it’s no longer enough to just pay lip service to ESG issues, with abstract commitments increasingly being seen as insufficient. Companies must now quickly progress to concrete objectives that can be measured and tracked.

A wide range of data providers now offer detailed information and tools that can measure ESG performance and effectiveness. Yet major challenges remain around bringing together what is often extremely fragmented data and transforming it into actionable insights.

 

Focus areas for 2022

The ESG criteria that investors measure is by no means stagnant. Complex societal challenges regularly emerge that require the attention of companies. Contributors recognize several topics that demand a sophisticated approach, including the COVID pandemic, diversity challenges and powerful social movements.

Companies operating within the financial services sector face several specific challenges related to ESG, with contributors believing that fintech will also continue to play a central role in finding answers to them.
For example, industry experts expect customers to be more demanding of firms in SME lending when it comes to understanding exactly what impact they are having on the climate. For many financial services firms, 2022 will be the year that they will try to reduce the time it takes to bring ESG products and services to market, such as green loans and mortgages, as well as checking accounts with sustainability and carbon tracking capabilities.

When selecting a service provider, customers are increasingly interested in the ESG credentials of their bank or financial institution. Research from PwC finds that 80% of consumers are more likely to buy from a company that stands up for environmental and governance issues. Consumers are one of the main drivers of ESG and many are putting their money where their mouth is. It’s a trend that’s not going away; financial institutions need to start implementing their strategy for ESG now.

Continue Reading

Magazine

Trending

News5 hours ago

Rivery Raises $30M B Round of Venture Funding from Tiger Global

With data needs growing and data talent scarcity, there is huge demand for Rivery’s 100% SaaS solution to create an...

Banking2 days ago

Wealth Managers and the Future of Trust: Insights from CFA Institute’s 2022 Investor Trust Study

Author: Rhodri Preece, CFA, Senior Head of Research, CFA Institute   Corporate responsibility is more important than ever. Today, many...

Interviews2 days ago

Q&A with Andréa Jacquemin, founder and CEO of Beamy

Beamy is a fast-growing scale-up that focuses on pioneering a new approach to SaaS management for large companies. Founded in...

News4 days ago

How to reignite your store with streamlined operations and a distinctive customer experience

Colin Neil, MD, Adyen UK   Retailers know that prioritising customer experience is vital to success today. This, amongst the...

Business4 days ago

5 tips to ensure CSR efforts come across as genuine

By Mick Clark, Managing Director, WePack Ltd   Corporate social responsibility – or CSR – is playing an increasingly pivotal role...

Business4 days ago

How to Build Your Credit Up Safely

by Taylor McKnight, Author for Compare Credit   What Is Credit? Credit is money owed by a person that allows...

News4 days ago

PCI DSS Compliance in the Cloud – Everything you should know

Introduction PCI DSS 4.0 is the latest and updated version of PCI DSS that was introduced on March 31st, 2022....

Banking5 days ago

2022 ESG Investment Trends

Jay Mukhey, Senior Director, ESG at Finastra   Environmental, Social and Governance (ESG) themes have been front and center throughout...

Business5 days ago

PROTECT THE VALUE OF YOUR SAVINGS AND AVOID RISING INFLATION PRESSURE

Planning for the next financial year? Former Bank Manager and successful whisky investor, Roger Parfitt, tells us why cask ownership is...

Technology5 days ago

UK Organisations turn to artificial intelligence to fight sophisticated cyberattacks

New research by cybersecurity expert Mimecast finds that email attacks are becoming more frequent and sophisticated More and more companies...

Finance5 days ago

The power of diversity: The need for female role models in FinTech

By Isavella Frangou, VP of Sales and Marketing, payabl.   As our world is constantly evolving, it’s easy to believe...

Business5 days ago

Securing BNPL Platforms for Merchants

By: James Hunt, Payments SME at Feedzai   The buy now, pay later (BNPL) market has boomed because it offers...

Technology5 days ago

Addressing the talent gap within cybersecurity

By Merlin Piscitelli, Chief Revenue Officer, EMEA at Datasite   Rising geopolitical tensions and increasingly sophisticated cyberwarfare tactics have meant...

Uncategorized5 days ago

Biometric payment card FAQs with Michel Roig, Fingerprints’ President of Payments & Access

We sat down with Michel Roig to answer your frequently asked questions regarding biometric payment cards – their benefits, current...

Banking5 days ago

Opportunities for UK Challenger Banks to address AML Compliance

Author: Gabriel Hopkins, Chief Product Officer, Ripjar   UK challenger banks have revolutionised the banking sector with innovative products and...

Finance5 days ago

HOW GOING DIGITAL COULD HELP CHARITIES OVERCOME THE CHALLENGES OF INFLATION

By Shaf Mansour, not for profit solutions specialist at The Access Group.    The topic of inflation and its impact...

Business5 days ago

How to manage transformational change successfully

Adrian Odds, Marketing and Innovation Director, CDS 2020 accelerated change in the business landscape significantly. Many were already considering –...

Finance5 days ago

Why the pandemic has put the pressure back on fintechs

Ben Walker, Partner & CTO, Airwalk Traditionally, the only genuine threats to the incumbent banking giants were macroeconomic instability and...

News5 days ago

Neobank Fi launches new feature ‘Connected Accounts’ allowing users to sync multiple bank accounts on a single app.

Neobanking app Fi launched its ‘Connected Accounts’ feature to become one of the first fintechs to build a product on...

Finance5 days ago

Accounts Payable fraud: Do you know who’s accessing your finances?

Mark Blakemore, CFO at Compleat Software   The use of social engineering and phishing attacks on accounts payable (AP) departments...

Trending