Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

5 Steps for Financial Firms to Get Ahead of the Attackers

Long considered an information security stalwart compared to other industries, the financial services sector has new reason to be on guard against cyberattacks.

In July, Treasury Secretary Jack Lew told a conference of investment executives in New York that "far too many hedge funds, asset managers, insurance providers, financial market utilities and banks could be doing more." He explained that a successful attack on one of these entities could have grave consequences for the financial system at large.

These companies have it tough. They are in the cross-hairs of a range of attackers, from state-sponsored adversaries bent on stealing trade secrets and intellectual property, to financially motivated crooks after an easy buck, to disruption-seeking hacktivists.

There are two big reasons that financial firms - much like organizations across all industries - could be under distress. For one, malware is becoming more sophisticated, yet easier to disseminate than ever. Second, emerging technologies are creating new vulnerabilities and a widening attack surface. As this 2014 report (PDF) from the New York State Department of Financial Services explains, many banks are pushing out IT projects far before they are ready - a serious security shortfall that Trustwave also noted in our 2014 Security Pressures Report.

From the New York State study:

"While [financial] institutions are aware that the threat landscape is constantly evolving, they may find it difficult to keep up with the latest developments amid competitive pressure to integrate new technologies into their product offerings (e.g., remote deposit capture). Experts have noted that when competition surrounding new product development is fierce, security can lag behind."

So how can financial services organizations fight back? Here are five steps they can take to, in Treasury Secretary Lew's words, do more:

Value security over compliance: According to multiple surveys, compliance remains the top driver for security spending within the financial services industry. But this type of appropriation model often leads to a lowest-common-denominator effect on one's ability to detect and respond to modern-day attacks. Instead of enlisting technologies to solely help you pass an audit, consider advanced measures like web security gateways that defend against malware in real time, network access control to monitor connecting endpoints and SIEM to manage threats. These can also be delivered as managed services for companies lacking the skills, budget or resources to handle security in house.

Test your apps: Organizations must test throughout the build lifecycle, from development through production and launch. Testing can run the gamut across cloud, web and mobile properties (nearly all banks have developed mobile apps) - and range from automated and scalable testing for large volumes of apps to in-person penetration testing of your most critical assets to a hybrid approach.

Get better at response: According to the New York State report, most financial services organizations it surveyed experienced intrusions or attempted intrusions into their IT systems. Breaches are inevitable - and the quicker a compromise victim can respond, the less damage and fallout that will occur.

Share information and be open: Targeted or compromised companies must not be shy or embarrassed. Hiding an incident will do nobody any good. Disclose breaches and share threat intelligence with industry organizations, such as FS-ISAC. Transparency will enable others to stay protected because, chances are, the criminals are using similar tools and techniques against multiple entities.

Train your staff: Malware often gets invited in through an unsuspecting user. Ensure your employees - and anyone with access to the network - is trained to be on the lookout for social engineering ploys and is mindful of company policies, such as password complexity that will stand up to cracking tools.

To be fair, financial firms like banks aren't entirely at fault. In many cases, attacks start by targeting the computers of banking customers to steal their account credentials - a type of attack known as corporate account takeover. This, in turn, leads to hackers being able to siphon out money from accounts.

 

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.

Latest Trustwave Blogs

Using Trustwave DbProtect and Offensive Security Solutions to Protect Against Nation-State Cyber Threats

The US Director of National Intelligence (DNI) earlier this month gave a stark warning to the Senate Armed Services Committee detailing the cyberthreats arrayed against the US and the world from...

Read More

Defending the Energy Sector Against Cyber Threats: Insights from Trustwave SpiderLabs

It has always been clear, even before the Colonial Pipeline attack, that the energy sector is a prime target for not only criminal threat groups, but also nation-state actors. After all, halting fuel...

Read More

Trustwave SpiderLabs Unveils the 2024 Public Sector Threat Landscape Report

Trustwave SpiderLabs’ latest report, the 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies details the security issues facing public sector...

Read More