Financial service providers lull themselves into a false sense of security

November 8, 2022

Trend Micro, provider of cybersecurity solutions, releases a new study that reveals financial services companies feel better protected against ransomware than any other industry. However, security gaps in the supply chain and insufficient attack detection represent a source of risk that should not be underestimated.
The study by the Japanese security provider found that 75 per cent of respondents from the financial sector believe they are adequately protected against ransomware. This is far above the cross-industry average of 63 per cent. This confidence is only partially justified:
While 99 per cent said they regularly patch their servers for externally visible systems. 92 per cent secure their Remote Desktop Protocol (RDP) endpoints and 94 per cent restrict email attachments to reduce the risk of malware.
However, 72 per cent of respondents also admitted that their company has been compromised by ransomware in the past. As many as 79 per cent consider their industry a more attractive target for attack than other sectors. However, this awareness of an increased risk of attack in the financial services sector is not always reflected in the corresponding measures.
About two-fifths do not use detection and response tools on their networks (40 per cent) or endpoints (39 per cent). This could be the reason for the low detection rates of ransomware activities. Only a third (33 percent) said they can track lateral movements in the network and only 44 percent see themselves as being able to identify an initial intrusion.
On the other hand, it is encouraging that about half of the financial service providers surveyed (49 per cent) already have Extended Detection and Response (XDR) in place, which covers multiple layers of the IT infrastructure.
Trend Micro also revealed significant cyber risk to financial services firms from third parties:

  • 56 per cent of respondents note that their suppliers – primarily partners (56 per cent) and subsidiaries (29 per cent) – have already been compromised by ransomware.
  • 54 percent believe their partners have made them a more attractive target for attack.
  • 52 per cent say that a significant number of their suppliers and service providers are small and medium-sized enterprises that may have fewer resources to devote to security.

Despite this, a quarter (24 per cent) of companies in the finance sector do not share threat information with their partners. For suppliers, this figure rises to 38 per cent. An even larger proportion of respondents (42 per cent) refuse to cooperate with their broader ecosystem in this regard, the study found.
“Greater collaboration and information sharing with third parties helps improve the security posture across the supply chain,” says Richard Werner, business consultant at Trend Micro. “However, without adequate detection and response capabilities, companies are often unaware that they are even exposed to an attack. Financial services executives know that they are a worthwhile target for ransomware actors. It’s time to turn that awareness into action.”

More study results can be found in English here: https://www.trendmicro.com/explore/glrans

About the study
Trend Micro commissioned Sapio Research to survey 2,958 IT decision makers in 26 countries, including the UK, France, Germany and the US, in May and June 2022.

Genetec

Related Articles

Belgium becomes football world champion, at least digitally

> The big digital check for the World Cup by nexum AG> Germany in 3rd place behind the Netherlands, but ahead of England, France and Spain In the next four weeks, the sporting world champion will be determined among the best football teams. But already today a winner...

Every fifth German open to e-prescription

Every fifth German open to e-prescription

Seniors over 65, however, are in favour of the completely analogue or predominantly analogue variantOne in five Germans would want to redeem a doctor's prescription exclusively digitally in future. Another 21 per cent would choose the digital option for the most part....

Stupid pupils cost the economy around 700 billion euros

Stupid pupils cost the economy around 700 billion euros

According to the ifo study, two-thirds of young people globally do not achieve basic skills Two-thirds of young people worldwide do not achieve basic skills that should be taught in school. This is according to a new study by the Ifo Institute (https://ifo.de). In...