For decades, financial institutions across the globe have been combatting massive cyberattacks with varying degrees of success. Financial enterprises recognize the importance of making investments to combat threats to their network and data. For example, JP Morgan Chase spends more than $600 million on cybersecurity efforts, and Bank of America spends over $1 billion.
The situation can, at times, feel like an expensive game of Whac-A-Mole. But the necessity of the spending is clear. A 2021 report from IBM and the Ponemon Institute found that the global average cost of a data breach is $4.24 million and companies that experienced a breach saw a 38% loss of business share as a result of the breach. Rather than an expense, cybersecurity is an investment in the future and growth of a business.
Understanding the threat landscape facing financial institutions can help those enterprises know where to invest their dollars to ensure a strong security posture. Here are three trends we see that will be important to watch.
Trend 1: Increasing compliance measures
In 2021, we saw an increase in U.S. governmental oversight related to cybersecurity. President Biden signed an executive order to bolster efforts against cyberattacks and stated that his administration is treating ransomware as a national security threat. And U.S. financial regulators approved a new rule—Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers—that requires banking organizations to report any significant cybersecurity incident within 36 hours of discovery.
Given the severity of threats facing financial institutions and their wide-reaching implications, this trend is likely to continue. Financial enterprises will need to have a strong security posture that allows them to detect, investigate and respond to threats quickly. Having long-term forensic data may also prove to be important to avoid penalties.
Trend 2: Advancing technology
Fintech innovations drive customer satisfaction, but they also come with a host of security vulnerabilities. Digital-only banking has been increasingly adopted, over half of Millennials are switching to these types of banks according to a survey from deVere Group. This trend will drive more traditional institutions to adopt more aspects of a virtual bank, as well, which in turn leads to more digital vulnerabilities.
The wide adoption of blockchain and DeFi technologies are also driving financial institutions to explore digital currency services. It is expected that by 2024, corporations will be spending $20 billion on blockchain. The infrastructure and skills needed for this change will undoubtedly put stress on the financial IT teams. Ensuring a secure transition will be of the utmost importance.
As networks increase in complexity, with on-prem, cloud, and hybrid environments, tracking and maintaining each device and application becomes more difficult without the right tools. Having a complete picture of network activity behavior—from layers 2 through 7—allows financial enterprises to support a strong security posture.
Trend 3: IT talent shortage
The skills gap in IT continues to be a problem for all types of organizations. A survey by Gartner found that 64% of surveyed companies see talent availability as the most significant challenge to emerging technology adoption. For the financial industry, this is a problem that needs to be addressed. Given the heightened regulation around the industry, most financial enterprises are not as fortunate as other industries which may be able to outsource talent. Finding talent will likely continue to be an issue, so organizations need to look at their resources and see where gaps can be filled.
Some companies are reinvesting in current employees to help shore up the skills gap. Organizations have found significant savings by reskilling current employees, as it is often more expensive to search, hire, and train new talent. While enterprises cannot rely on reskilling employees to cover the talent gap, it is a way to ensure emerging technology adoption does not make them as vulnerable to the increasing number of threats.
Many cybersecurity vendors are responding to this challenge by investing in artificial intelligence and machine learning to help teams become more efficient at detecting, investigating, and responding to threats. As teams assess their toolsets, they need to understand if the tools are helping them save person-hours or aiding their efforts across to shorten mean time to response.
Over the last decade, we have seen broad adoption of the digital economy and digitization of financial services. Financial enterprises must find the right security tools to armor against attacks. Read our case study for the financial industry to see why an NDR platform is an essential part of their security stack.