The finance industry is one of the most targeted industries when it comes to cyber attacks, second only to healthcare. Between 2009 and 2019 big names in the industry like Capital One and Discover were each breached four times and American Express and SunTrust Bank were both breached five times, according to the Cybersecurity Guide. These attacks come as concerns around Russian retaliation for economic sanctions is placing the US financial sector in the crosshairs of some of the world’s most advanced nation-state and economic cyber actors.
Given this environment, it is no surprise that cybersecurity is one of, if not the top concern for the financial services industry and industry regulators. In 2019 the global financial services market was valued at about $22 trillion, giving hackers a viable target for their next attack because of the significant number of different avenues that make profits possible.
Cyber Attacks Against Financial Firms Have Increased Since the Pandemic
The COVID-19 pandemic changed the way consumers and businesses interact with money. With branches closed, consumers increasingly came to rely on mobile banking and banks were forced to shift traditionally face-to-face services such as mortgages and business loans online. As consumers moved away from cash, banks, retailers and restaurants rapidly moved to adopt contactless payment options rapidly deploying millions of new devices. As a result, cyber attacks in the financial industry have risen 200% since the start of the pandemic, and according to an Allianz report, continue to climb.
During this time the FBI received over 28,500 complaints of cyber-crime and the cost of a breach rose to $5.86M. This cost of breach was driven in large part due to the fact that most breaches were only discovered after being detected by a third party, driving up costs associated with investigating, remediating and recovering from a breach. In 2021 fewer than 25% of breaches against financial firms were discovered internally.
In 2021, the most common attacks against financial services firms involved phishing, credential theft, and ransomware and regulatory agencies such as the FTC and SEC are considering more stringent requirements to ensure financial services firms take the necessary steps to protect consumer data and the stability of the US financial system from foreign interference.
Attack Surface Inventory is Taking Too Long
Randori analyzed data from over 300 IT and security decision-makers on what their enterprises are doing today to provide a broad assessment on the current state of attack surface management. We discovered that the average organization takes more than 80 hours to compile an updated inventory of their attack surface.
With the average cloud instance changing every few days, by the time organizations finish compiling an inventory of their external attack surface it is often already out of date. As attackers increasingly leverage automated techniques to discover and target organizations, the financial services industry is in dire need of more proactive solutions capable of providing up to date, continuous visibility into their constantly changing attack surfaces.
Enter External Attack Surface Management
Over the past two to three years, external attack surface management solutions emerged as a better way than asset management tools or spreadsheets for organizations to discover, monitor and assess the risk associated with external facing on-prem or cloud assets. External attack surface management solutions provide continuous, automated visibility into an organization’s known and unknown attack surface, using a black-box approach to discovery. This outside-in approach and continuous nature, reduces the time, resources and costs required to compile an accurate external asset inventory, identify risks and prioritize remediation efforts. It further allows ASM tools to uncover blind spots, misconfigurations, and process failures security teams relying on asset management solutions alone would have otherwise missed.
Once deployed, ASM solutions help understaffed security teams reduce their risk by automating the discovery and prioritization of external risks so they can adopt a more proactive approach to risk identification, reporting and management. As the SEC and FTC put increasing pressure on financial security teams to demonstrate a more proactive approach to security, EASM is emerging as the ideal first step for many financial services organizations.