Why Financial Services Organizations are Increasingly Migrating to the Cloud
Security threats and data breaches in the financial services industry are prompting organizations to increasingly synchronizetheir security and privacy practices.According to the Cyber Security in Financial Services report by VMWare’s Carbon Black group, the industry is subjected to the highest rates of attack of any vertical, and the source of one-third of all data breaches.
At the same time, the rapidshift toremote work, accelerated by the COVID-19 pandemic, has facilitated the need for digital transformation. Security and IT teams are working tirelessly to meet company objectives and to stay ahead of new threats, like those that have come from employees working from home where security is likely not as robust as in the office.
To seize the opportunities triggered by cultural and technological shifts of our times, financial institutions (FIs) are turning to cloud computing to help them address these strategic needs while alsoembracinga more strategic approach to security.
However, simply moving to the cloudis not enough. There are many challenges and obstacles to overcome, particularly as cybercriminals become wiserand continue to target FIs. As such, these organizations oftenfind themselves turning to a third-partyto help ensure their cloud migration is done with security and compliance in mind.
What makes FIs a favorite prey
The high value of personally identifiable information (PII) that FIshold make them an attractive target for cybercriminals. From home addresses to Social Security numbers to details like account routing numbers, it’s easy to understand why banks and credit unions cannot afford to let their guard down.The PII that FIs collect, store and process can be used for identity theft and phishing attacks. Plus, this data provides criminals a direct path for accessing the financial assets of customers and members.
The2019 Data Risk Report by Varonisshows that FIsaveraged 352,771 exposed, sensitive files. In comparison, the runner-up segment in this narrative, Healthcare, Pharma and Biotech, averaged113,491 exposed, sensitive files – less than one-third of FIs. And that was pre-pandemic.
From February 2020 to April 2020 alone, VMWare Carbon Black’s Modern Bank Heists 3.0 report reveals thatcyberattacks against the financial sector increased a whopping 238%. The annual study, which takes the pulse of some of the industry’s top chief information and security officers (CISOs) and security leaders, also found that ransomware attacks against the financial sector increased ninefold during the same timeframe.
It’s no wonder sincemany FIs, a notoriously conservative group, found themselves rapidly and unexpectedly rolling out solutions that included adopting new technology – making the industry a perfect target for cybercriminals.For instance, increased deployment of, and reliance on, digital channels led to a spike in onlinebanking traffic. At the same time,larger volumes of remote employees found themselves suddenly working on laptops that FIs quickly purchased, prepped and shipped to their staff earlier this year. And since many homes lack the secure infrastructure that comes with working in-office, cybercriminals’ access to PII has become an easier target.
Cloud, done right, improves security
As such, FIs are rethinking their stance on the cloud. Cloud computing allows companies to take cybersecurity infrastructure digital without a need for hardware or office facilities. With the right resources, the cloud can also provide greater data-security, regulatory compliance, flexibility and support. And because it often creates separate access points for different resources, the cloud helps mitigate cyberattacks by limiting them to a smaller resource area since data no longer resides in a server room.
However, most cloud-based technology is provided by fintechs who leverage cloud platforms like Amazon Web Services (AWS) or Microsoft Azure – both of which are easily deployed and integrate platform-related security measures. But they aren’t necessarily familiar with the financial services space. Therefore, FIs looking to migrate to the cloud should thoroughly examine the cybersecurity that these providers offer.
“AWS/Azure is easy from a deployment perspective, but how do we monitor these platforms for cybersecurity? A lot of these tools are open source, but these tools might not be fully vetted,” said one FICISO who was interviewed for The Cloud on the Horizon, a Cornerstone Horizons’ report on how cloud computing is bringing new cybersecurity concerns to financial services.
Finding the right technology help
Cloud aside, FIs....-->
Security threats and data breaches in the financial services industry are prompting organizations to increasingly synchronizetheir security and privacy practices.According to the Cyber Security in Financial Services report by VMWare’s Carbon Black group, the industry is subjected to the highest rates of attack of any vertical, and the s...