Financial sector ‘highly susceptible’ to cyberattacks

No industry is safe from cybercrime. Even the federal government is hit with a litany of cyberattacks every day, despite the vast number of resources at its disposal. Unsurprisingly, according to a newly released report, America's financial industry is a primary target in hackers' cross hairs.

Financial firms' security woefully inadequate
SecurityScorecard reported the financial industry is "highly susceptible" to the potential for data breaches – a sector that includes investment banks, asset management firms and major commercial banks. Specifically, roughly 95 percent of the 20 most profitable commercial banks headquartered in the U.S. and included in the source's analysis earned a network security letter grade of "C" or lower. The study also discovered that many of those same 20 banks had been infected with malware or a similar malicious program at one point or another.

Sam Kassoumeh, SecurityScorecard co-founder and chief operating officer, said commercials banks seem to be more susceptible to cybercrime due to the frequency of mergers and acquisitions in this space. If two previously separate institutions join as one of their IT environments infected with malware, the virus affects both. But that isn't the only reason why cybercrime is so prevalent in the financial sector.

"Despite major financial institutions spending billions of dollars on cybersecurity annually, this report suggests the financial industry may not be spending those dollars as effectively as possible," warned Kassoumeh.

Furthermore, Luis Vargas, a data scientist at SecurityScorecard, noted that because financial institutions are constantly exchanging information, it's difficult to quarantine transactions, especially after organizations have been compromised. Attackers find their way into IT systems through a wide range of illegal behaviors, including phishing and it's more sophisticated brother spear-phishing. Similar to laundering, phishing involves posing as a legitimate company via email or otherwise in order to trick organizations into revealing sensitive financial data, while spear-phishing is a more targeted version of that process.

"Financial organizations need solutions that assess vulnerabilities continuously and have the ability to see risks and vulnerabilities before a breach takes place," advised Vargas.

Most SMBs hacked this year
Major financial institutions are hardly the only organizations that are under attack. Small-business owners are as well. In a poll conducted by Osterman Research, where IT professionals from over 300 organizations were questioned, over 70 percent of them stated their small- and medium-sized businesses have been affected by malware so far in 2016. Over 40 percent indicated that they were unsuccessful in thwarting at least one phishing scheme, and 36 percent said their IT systems were at some point infected with a virus.

Some of the individuals who responded to the survey worked at businesses in the technology sector. Others included SMBs in manufacturing, financial services and health care.

Regardless of the industry, business interruption is almost inevitable if cybercriminals successfully infiltrate corporate networks. The vicissitudes of life have a way of coming up when they're least expected. The key is having the ability to roll with the punches. Business Continuity Centers provides the necessary tools companies need to keep productivity from feeling the adverse effects through customized strategic planning. Whether the lights go out or IT systems are unresponsive, recovery is possible when in the business-owner batter's box and curveballs are tossed.