
      Cybersecurity in banking: Challenges and best practices for 2023

      Written by: semifly
      January 13, 2023
      Category: Cybersecurity

      The cybersecurity landscape is constantly evolving, and banks, credit unions, and other financial institutions (FIs) are increasingly becoming targets of cybercriminals. These attacks and associated threats are now rising even more rapidly than in years past: the first half of 2021 saw 30% more ransomware attacks than all of 2020, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network reports.

       

      Unfortunately, many FIs are struggling to keep up with the latest security best practices; they are ill-prepared for the new and evolving threats within the cybersecurity space today. This has serious implications for these organizations—more so than for organizations in other industries. Lackluster cybersecurity in banks can have devastating consequences, including financial losses, reputational damage, interrupted operations, and regulatory fines.

       

      Fortunately, new developments in cybersecurity “provide an opportunity for [banking industry] leaders to better align their solutions with client business and elevate product and partnership standing among banking buyers,” Gartner reports. These developments can flip cybersecurity in banks from a vulnerability to a competitive differentiator when implemented correctly.

       

      In this article, we explore the challenges that banks and other FIs face when it comes to cybersecurity, as well as identify some new technologies, strategies, and best practices that can help them stay ahead of the curve.

       

      The State of Cybersecurity in Banking Today

       

      Cybersecurity in banking is more important than ever before—“Credit unions and banks are prime targets for ransomware attacks because of the sheer amount of information they store about their customers,” according to Forbes. But despite this, many banks are not adequately prepared to deal with the latest cyber threats.

       

      This is a critical shortcoming, and often a more serious one than in other industries. There are more potential threat vectors in banking than in other types of companies. Attackers may target high-ranking employees’ credentials, attempt to send illegal wire transfers to their own accounts, or set up fraudulent accounts to steal critical information, among other methods.

       

      Data breaches in the financial sector are often more costly than those in other sectors as well. IBM’s 2021 Cost of Data Breach report claims the average cost of a data breach in the financial sector was $5.72 million—a staggering amount for small-to-medium FIs. And given the regulatory landscape banks operate in, the fallout from a data breach can be even more severe.

       

      Part of the industry’s problem is a “definite lack of cohesiveness in determining what is going well and what could be better,” as Forbes describes. “There is no industry standard determining the fundamentals enabling financial institutes (FI) to answer one simple question: How secure are they today?” But we can begin by identifying the key challenges and threats that banks’ security measures can protect against as the landscape evolves.

       

      Emerging Cybersecurity Challenges in the Banking Industry

       

      Banks and other financial institutions increasingly face several specific cybersecurity challenges. And while there is no cyber attack banks can avoid entirely, understanding the nature of those threats can help them prepare for the worst, or even turn cybersecurity into a competitive differentiator. These threats include:

       

      • Ransomware: Ransomware is a type of malware that encrypts a victim’s data and demands a ransom to decrypt it. “In the first half of 2021 alone, reported ransomware payments in the United States reached $590 million, compared to a total of $416 million in all of 2020,” Forbes reports. Banks that experience ransomware attacks often have to take their systems offline for days or weeks and even pay criminals to meet their demands—incurring significant financial losses, in any case.
      • Phishing: Phishing attacks use email or malicious websites to try to trick victims into downloading malware or revealing personal information like login credentials or credit card numbers. In one report from ZDNet, criminals sent emails to bank employees attempting to convince those employees that they were recruiters; they would then bypass banks’ security measures by coercing employees to download HTML attachments that included malicious code. “By targeting individuals already in the banking sector, it is possible that the cyber attackers are trying to obtain access to commercial bank networks, whether through corporate machines or personal devices when employees are working remotely,” ZDNet reports.
      • Insider threats: The insider threat is a type of cybersecurity risk that arises when current or former employees misuse their privileged access to company systems and data. This can happen through malicious intent, like stealing customer information, or by accident, like clicking on a phishing email. Insider threats are a growing problem in banking: insiders know the locations of assets, their worth, and how to access them; they also have legitimate credentials and permissions, making it easier for them to go undetected.
      • Software supply chain attacks: A software supply chain attack is when cyber criminals insert malicious code into legitimate software—tricking victims into downloading and installing it. This type of attack can be difficult to detect, as the malicious code can remain dormant until it’s activated by the cybercriminal.

       

      Opportunities for Retooling Banks’ Security Measures

       

      Fortunately, many banks are reprioritizing cybersecurity investments in light of these new challenges. Deloitte predicts financial institutions will spend roughly 11% of their IT budgets on cybersecurity efforts, with each of the largest U.S. banks investing as much as $1 billion. Banks are also retooling their cybersecurity strategies in several ways, including:

       

      • Improving detection and response times: Banks are working to improve their detection capabilities, so they can identify and respond to cyber threats more quickly. This includes investing in technologies like artificial intelligence (AI) and machine learning (ML), which can help automate the detection of malicious activity.
      • Enhancing cyber intelligence: Banks are also collecting and sharing more cyber intelligence to improve their overall security posture. This includes information about new cyber threats, as well as data that can help banks better understand their own vulnerabilities.
      • Better protecting customer data: In the wake of large-scale data breaches, banks are increasing their efforts to protect customer data. This includes encrypting data, implementing multi-factor authentication, and segmenting networks to make it more difficult for cybercriminals to access sensitive information.
      • Training employees: Banks are also training their employees on cybersecurity best practices, so they can be more aware of the threats they face and the steps they can take to protect themselves. This includes education on topics like phishing scams, social engineering, and password management.
      • Consolidating cybersecurity vendors: Banks are consolidating their cybersecurity vendors to simplify their IT environments and reduce the number of potential vulnerabilities. This can help banks save money and improve their cybersecurity posture by reducing the number of cybersecurity products they need to manage. Working with the right vendor can lead to worthwhile partnerships as well, where “having a security partnership in place can… help reduce the burden on internal IT resources,” as Forbes describes.

       

      By implementing these new cybersecurity measures, banks can improve their overall security posture and better protect their customers from the growing threat of cybercrime.

       

      Strengths Through Partnerships

       

      At its foundation, resilient cybersecurity in banking means going beyond regulatory compliance alone. With the right momentum today, banks can turn cybersecurity into a competitive differentiator in the long term rather than simply “checking a box” based on minimum requirements.

      It’s partnerships that make this transformative approach to cybersecurity possible. Even as new threats emerge, banks can rely on the cybersecurity products and services available through their partnerships to adapt their strategies as needed. The best of these relationships are built on trust and a shared commitment to protecting customer data—which is the lifeblood of any bank.

       

      Partner with Semifly for Leading Cybersecurity in Banking

       

      Semifly is a cybersecurity partner banks all over the globe trust to protect their customers’ data. We offer a comprehensive suite of cybersecurity products and services, including managed security services, penetration testing, incident response, and more. Our team of cybersecurity experts can help you assess your risks, implement the right controls, and respond quickly in the event of an incident.

       

      To learn more about how we can help you strengthen your cybersecurity posture, contact us today.


      Semifly

      is an engineer and a technologist with a diverse background spanning software, hardware, aerospace, defense, and cybersecurity. As CTO at Semifly, he leverages his extensive experience to lead the company’s technological innovation and development.
