How banks and financial institutions can step up enterprise security
Gerald Beuchelt, CISO, LogMeIn
Cyber-attacks are increasing at an alarming rate, and in 2018 we’ve witnessed breaches hit several trusted brands across various industries, including British Airways, Ticketmaster, and most recently, Facebook. However, the financial sector continues to be one of the most lucrative targets for criminals: UK banking customers lost £358 million to unauthorised fraud in the first half of this year. With the appeal of huge financial gain, along with access to a wealth of high value personally identifiable information (PII), it’s perhaps unsurprising that financial services firms are targeted more than any other sector.
Although the threat landscape is fast evolving and attackers’ techniques are becoming increasingly sophisticated, passwords continue to play a major role in breaches: 81% of data breaches involve weak, reused or stolen credentials. Bearing in mind the level of risk involved in banks and financial institutions, we could be forgiven for assuming that such organisations would be ahead of the game in their security practices. However, a recent study that scored businesses on password practices and multi-factor authentication (MFA) adoption found the industry performing below average.
