By Komal Akulwar, Senior Analyst, Infoblox
The new Cybersecurity Insight Report by Infoblox is focused on the global financial services sector and shares a comprehensive overview of the state of cybersecurity within the industry. The report is based on insights gathered by a CyberRisk Alliance Business Intelligence survey among 800+ finance IT professionals working in North America, Latin America, Europe and the Asia-Pacific region. Virtually all respondents (94%) described themselves as either significant or final decision makers of cybersecurity budgets or operations at their organizations and shared how the COVID-19 shutdowns challenged the financial services industry’s core infrastructure.
More than a year into the pandemic, banks, insurers, and other financial institutions report costly consequences to falling short of protecting their massive data troves from cloud-based attacks and network disruptions. But there’s more to these losses, and the report’s data helps decision makers understand the root causes of some of these disruptions. The report found that:
- Data breaches are an increasingly significant cost burden for the industry: Worldwide, financial firms that experienced a data breach reported estimated average losses of roughly $4.2 million per attack, with U.S. organizations hit hardest at $4.7 million in estimated losses.
- Network outages also result in costly burdens: Institutions lose an estimated $3.2 million on average, with Asia-Pacific followed by European institutions carrying the heaviest losses at $4.3 million and $3.1 million respectively.
- The industry remains a popular target for cloud-based attacks: Over half of all organizations (54%) surveyed suffered a data breach in the last 12 months with 49% plagued by a cloud malware attack as well.
- Cloud and network-based attacks will continue to be a major threat vector: More than 50% of respondents expect to face a combination of IoT attacks, cloud vulnerabilities including misconfigurations, and data manipulation attempts over the next 12 months.
- Threat resolution teams are embracing network visibility for security hygiene: Globally, network monitoring (76%), threat intelligence (64%), and threat hunting (57%) are considered the most effective mitigation tactics against these threats.
Global financial organizations are pressed on multiple fronts. They need to tackle a variety of complex compliance regulations from a number of countries, safeguard remote workers in relatively unmonitored environments, and maintain secure core DDI network services. The best cybersecurity strategy for these organizations should therefore ensure data availability, security and visibility.
“This report shows us that cloud compromise has become the biggest cybersecurity issue for financial institutions and the investments they are making to protect themselves,” said Anthony James, VP of Product Marketing at Infoblox. He continued, “Notably, respondents are starting to use DNS to catch network threats before they move upstream. This is reflected in the customer uplift we’re seeing for our BloxOne Threat Defense platform, which uses DNS to extend security to cloud-first infrastructure and accelerates threat resolution by orchestrating detection and remediation tools from the existing security stack.”
The financial services sector has long been a target for bad actors who are following the cyber money trail into the cloud. As the pandemic pushed IT infrastructures to rely on remote work, cloud-based technologies that enabled digital transformation also created soft spots for cyber criminals to exploit. This report highlights how financial organizations globally are acknowledging this added vulnerability and strategically investing to leverage DNS as the first line-of-defense for needed security.