Financial services sector braces itself for cyber onslaught in 2017


10 March 2017
FSI cybersecurity

The financial services sector is likely to remain a top target for cybercriminals in 2017 due to the sensitive nature and value of financial data the industry holds, according to Fortinet. The following are its cybersecurity threat predictions for the financial services industry (FSI) in 2017:

Cloud security will evolve to simplify data protection

 For years, the financial services industry has trailed behind other industries when it comes to moving data to the cloud. Information security concerns remain but recently there have been moves by large FSI organisations to public cloud service providers like AWS and Rackspace.

As cloud adoption grows across the industry in 2017, organisations need to ensure the data being passed to the cloud is put through the same scrutiny as all other data. Visibility into that data needs to be maintained, and security policies and enforcement must be applied consistently regardless of the location of that data. Expect to see cloud security solutions continue to evolve and make protection simpler and more effective. 

2FA comes to the fore as additional layer of defence

To better combat the problem of stolen login credentials, Fortinet expects two-factor authentication (2FA) to come to the forefront as an additional layer of defence in 2017. 2FA combines passwords, which the user already knows, with another type of authentication that is connected to something the user has, for instance a one-time PIN (OTP) sent to their mobile phone.

This keeps traditional login and security measures in place while giving customers (and financial organisations) stronger security when managing sensitive financial transactions.

FSIs to invest in IoT security

It will be impossible to ignore the Internet of Things (IoT) with 24 billion IoT devices expected to be installed across the world by 2020, according to Gartner. The insurance industry in particular is already relying on IoT to align driving behaviour with premium rates by leveraging data from in-vehicle telecommunication devices in some countries. The banking industry is also expected to improve the experience for retail customers with IoT initiatives like personalised customer rewards.

Regardless of how the data is being accessed and shared, it must be secured in order to protect customers. Fortinet expects financial services organisations to control network access, segment traffic, and invest in solutions that can help them manage the complex cybersecurity challenges of the IoT landscape.

Governments will become more involved

Late last year, various groups in the United States called for cybersecurity regulations to be strengthened and pushed for cybercrime to be discussed at global forums such as the the G20 Summit. Cybersecurity will remain a focal point for government action in 2017 and failure to adhere to regulations will result in costly penalties and damaged reputations. This will spur FSIs to look to investing in additional cybersecurity solutions.

Smarter attacks will call for smarter solutions

Cybersecurity solutions are constantly playing catch-up to the complexity of the attacks that are being launched. According to Fortinet, one smarter approach to cybersecurity would be to deploy a security fabric architecture that provides awareness and visibility into all security elements and integrates them into a single, operationalised defence and response system. This allows for centralised orchestration and automation through a single management platform. The fabric should also provide open application programming interfaces (APIs) to enable seamless integration and intelligence sharing with other third-party network and security solutions.