
5 Steps for Financial Firms to Get Ahead of the Attackers

Long considered an information security stalwart compared to other industries, the financial services sector has new reason to be on guard against cyberattacks.

In July, Treasury Secretary Jack Lew told a conference of investment executives in New York that "far too many hedge funds, asset managers, insurance providers, financial market utilities and banks could be doing more." He explained that a successful attack on one of these entities could have grave consequences for the financial system at large.

These companies have it tough. They are in the cross-hairs of a range of attackers, from state-sponsored adversaries bent on stealing trade secrets and intellectual property, to financially motivated crooks after an easy buck, to disruption-seeking hacktivists.

There are two big reasons that financial firms - much like organizations across all industries - could be in distress. First, malware is becoming more sophisticated, yet easier to disseminate than ever. Second, emerging technologies are creating new vulnerabilities and a widening attack surface. As this 2014 report (PDF) from the New York State Department of Financial Services explains, many banks are pushing out IT projects far before they are ready - a serious security shortfall that Trustwave also noted in our 2014 Security Pressures Report.

From the New York State study:

"While [financial] institutions are aware that the threat landscape is constantly evolving, they may find it difficult to keep up with the latest developments amid competitive pressure to integrate new technologies into their product offerings (e.g., remote deposit capture). Experts have noted that when competition surrounding new product development is fierce, security can lag behind."

So how can financial services organizations fight back? Here are five steps they can take to, in Treasury Secretary Lew's words, do more:

Value security over compliance: According to multiple surveys, compliance remains the top driver for security spending within the financial services industry. But this type of appropriation model often leads to a lowest-common-denominator effect on one's ability to detect and respond to modern-day attacks. Instead of enlisting technologies solely to help you pass an audit, consider advanced measures like web security gateways that defend against malware in real time, network access control to monitor connecting endpoints and SIEM to manage threats. These can also be delivered as managed services for companies lacking the skills, budget or resources to handle security in-house.

Test your apps: Organizations must test throughout the build lifecycle, from development through production and launch. Testing can run the gamut across cloud, web and mobile properties (nearly all banks have developed mobile apps) - and range from automated and scalable testing for large volumes of apps to in-person penetration testing of your most critical assets to a hybrid approach.

Get better at response: According to the New York State report, most financial services organizations it surveyed experienced intrusions or attempted intrusions into their IT systems. Breaches are inevitable - and the quicker a compromise victim can respond, the less damage and fallout will occur.

Share information and be open: Targeted or compromised companies must not be shy or embarrassed. Hiding an incident will do nobody any good. Disclose breaches and share threat intelligence with industry organizations, such as FS-ISAC. Transparency will enable others to stay protected because, chances are, the criminals are using similar tools and techniques against multiple entities.

Train your staff: Malware often gets invited in through an unsuspecting user. Ensure your employees - and anyone with access to the network - are trained to be on the lookout for social engineering ploys and are mindful of company policies, such as password complexity that will stand up to cracking tools.

To be fair, financial firms like banks aren't entirely at fault. In many cases, attacks start by targeting the computers of banking customers to steal their account credentials - a type of attack known as corporate account takeover. This, in turn, leads to hackers being able to siphon out money from accounts.

 

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.
