Cyberattacks cost targeted firms in the financial sector an average $18 million per incident, $6 million more than similar attacks in other sectors. Additionally, financial institutions also fall victim to cyberattacks 300 times more often than businesses in other industries, a rate that has tripled over the last five years.
While the typical American business is attacked 4 million times per year, the typical American financial services firm is attacked a staggering 1 billion times per year.
- Bhakti Mirchandani, Contributor - Forbes.com
Is your institution prepared to defend against nearly 2,000 attacks per minute? What happens when some of those attacks achieve their mission? Are you prepared for not only the financial loss, but also the regulatory fines, costs surrounding inevitable litigation, additional cybersecurity defenses and personnel post-breach, negative media coverage, and providing your customers with credit monitoring and theft protection services? Even if you have safeguards for all of the above... what about the cost of your tarnished reputation and loss of trust by both customers and what would have been potential customers?
While there are no fail proof methods to thwart all inevitable cyberattacks, there are ways to mitigate your damages and prevent some of those 2,000 attacks per minute all together. A well-balanced football game (whether you prefer the European or American version) includes an equal focus on both defense and offense. Sure defense wins championships, but you have to make it to the big game first, and as we know, that happens when offense wins games. Your cybersecurity game plan should be no different. And while cybersecurity has traditionally meant taking a defensive stand and reacting after an attack, there are multiple ways to stop an attack before the coin is even called in the air. But the real question still remains... where do you start?
Financial institutions would benefit from stronger relationships with specialists in deterring and responding to cyberattacks—those with the authority to hack back, like the military.
- Bhakti Mirchandani, Contributor - Forbes.com
Phishing and Social Engineering attacks account for two of most costly types of attacks on financial institutions. So how do you approach these with an offensive playbook? Create your own phishing and social engineering campaigns and test your employees... Will they spot the potential threat? Or do your employees contribute to the 75% of all security breach incidents that are caused at the hands of internal actors, both intentionally and unintentionally? Education, vigilance and regular testing can mean the difference between recognizing a phishing scam before falling victim to it or being on the paying end of a multi-million dollar settlement. If you're serious about your clients, your institution and your bottom line, its time to approach cybersecurity like its the final minute of the Superbowl (no matter which side you fall on, we feel the analogy is even more appropriate given the current climate)... ATTACK First... Defend Second... Be vigilant always.
For more information on creating a phishing education and training program for your organization, contact us today: info@ryskgroup.com or (866) 797-5699.
#Cybersecurity #Cyber #Banks #CreditUnions #Finance #Offense #Defense #Phishing #SocialEngineering #Ransomware #Malware #Hacking #BestPractices #DataBreach #KnowYourRysk #ReduceYourRysk