A quarter of finance organizations fail the cybersecurity exam

November 14, 2024

Finance companies are responsible for a lot of sensitive customer data. Unfortunately, with the threat of cyberattacks continuing to grow, most organizations haven’t raised their security standards accordingly. The Cybernews Business Digital Index reveals that 58% of analyzed finance companies worldwide scored a D or worse for their cybersecurity efforts. 

Financial firms need to step up their security game

All businesses should be aware that they can become the next victim of a cyberattack. Finance companies should be even more aware of dangers, as they store customer data such as full names, addresses, and credit card details. Losing this information in a data breach would have massive consequences for the user.

Despite this, according to the index, which grades businesses based on their online security measures, 58% of analyzed finance companies worldwide scored D or worse, with 26% falling into the F category. Only 11% of finance organizations earned an A rating for their security measures. 

Financial organizations in Europe are the most secure, with 15% of them receiving an A rating for their security efforts. In comparison, only 10% of companies got such a rating in Asia, 9% in North America, and 8% in South America. Nevertheless, in all these regions, the most common security rating is a D, except in Asia, where F is the majority.

Most common security issues

The Business Digital Index shows that the most common security issue is related to Secure Sockets Layer (SSL) configurations, with over 160K issues found in 628 financial businesses. In addition, these organizations lost nearly 400K corporate credentials.

More than half (56%) of financial businesses have domains that could potentially be spoofed. Furthermore, researchers found nearly 8,000 critical or high-risk vulnerabilities that hackers can exploit to enter networks and steal information.

Let’s take Truist Bank as an example, which has suffered the consequences of poor network security. In February, its third-party service provider, the debt collector firm Financial Business and Consumer Solutions, discovered unauthorized access to its network systems. 

The breach affected over 4.2 million people and leaked their names, addresses, dates of birth, Social Security numbers, and other sensitive information.

The Business Digital Index also found that some employees were reusing passwords that were already breached. These risks combine to create many weaknesses that cybercriminals can exploit. A data breach can cause significant damage to the business, such as ruined reputation, financial losses, legal penalties, and loss of customer trust.

Image
Image

Results from analysis of 1,182 financial and healthcare companies worldwide.

Related Articles

Rohde & Schwarz at International Security Expo 2024

Rohde & Schwarz at International Security Expo 2024

Loss Prevention and a safe Critical Infrastructure with Advanced Scanning Technology Rohde & Schwarz participates in the annual International Security Expo, taking place in London, from September 24-25, 2024. At booth D30 in the Olympia main hall Rohde &...

Share This