Financial Sector Security

  • Published: 31 July 2019,
  • The Say Team

Today’s bank robbers have swapped their guns and ski masks for PCs, and while physical security will always remain important – in the modern climate, the onus is on security teams to defend equally against cybercrime. Among other reasons, this is due to the digitisation many processes within the business sphere; vast interconnected networks present a range of new avenues for would-be cybercriminals. In 2018, UK cyber attacks increased 140 percent across all sectors. In the same year, 67 percent of financial institutions were the target of cybercrime, and 79 percent agree attackers are becoming more sophisticated. Furthermore, a recent report showed the average cost of a successful cyberattack was $2.6 million.

It is because of this shifting climate that Say Communications conducted research for ‘The State of Trust in Security Companies Barometer’, to reveal what factors decision makers, in the financial sector, prioritise when choosing a new vendor. Below are some of the key take outs:

Tactics for vendors to get ahead

The financial sector is made up of a broad range of businesses, from banking to insurance. Therefore, the finance professionals that took part in the study responded in kind, and gave incredibly varied answers. However, there were some unifying factors. When you consider the commonality of cybercrime it’s easy to see why 52 percent of those surveyed said it’s a main priority of their board and a further 39 percent listed cybersecurity at the top of their organisation’s priorities.

Another interesting finding, albeit not a wholly unexpected one, was that of all the industries surveyed (Health, Education, Transport, Retail and Leisure, Utilities and Infrastructure) Finance came out as the least concerned with the cost of a product. Given that the sector revolves around money, the financial ramifications of a successful attack – and the additional liabilities and potential fines from regulators – the cost-effectiveness of the best security system money can buy is easy to justify.

But how can you get in front of the buyer?

The source most likely to be taken into account was found to be analyst reports, with 45 percent agreeing it is vital information. Additionally, another trusted source of information was channel publications. On the other hand, customer case studies proved to be an anomaly, in that Finance Sector professionals valued them far less than all other sectors.

Another significant finding was that 21 percent of finance decision-makers said they’d stop doing business with a vendor that processed their data outside of the territory they operate in. This is understandable perhaps due to the stringent regulations seen throughout the industry and that it’s considered a part of Critical National Infrastructure, so exposing software to hostile nations is not a risk worth taking.

Final learnings for the vendor

Whilst the Financial Services sector has escaped relatively lightly compared to other sectors when it comes to cyber warfare, the sophistication of cybercriminals is only increasing and the strategies employed to defend against such threats will have to do the same to keep pace – the threat of an attack is constant. Consequently, no other industry invests as much on cybersecurity, with the likes of JPMorgan Chase spending as much as $750 million annually.

The market is overcrowded, and growing exponentially, vendors need to employ a targeted PR and marketing strategy to achieve cut-through and reach buyers. Today’s Bonnie and Clydes are using a laptop in a basement – perhaps a far less romantic prospect than the gunslinging bygone era – but it still has the potential to be a devastating one at that, unless preparation is made.

What's Next?