The past year brought on or exacerbated several trends in IT security facing the U.S. financial industry. Going into the third year of this pandemic, the same cyberthreats are expected to continue and potentially escalate if not checked, according to research from Aite-Novarica Group.
IT security is “a difficult and important topic, perhaps the most difficult and exciting issue in the market today,” said John Horn, cybersecurity practice director for Aite-Novarica Group, commenting during a webinar last week on these issues.
Ransomware, DataSecOps, zero-trust architectures and managed security have all evolved in recent months, according to Aite-Novarica Group’s Top 10 Trends in Cybersecurity 2022: Combating Industrialized Cybercrime Attacks.
“We all wish we had a crystal ball,” said Tari Schreider, strategic advisor for Aite-Novarica Group. Financial firms have seen a 1,300% increase in ransomware attacks, according to TrendMicro data cited by Schreider. “When you are facing an army of hackers with nothing better to do, and a strong inclination,” he adds, “it’s hard to compete with that.”
Ransomware in particular is not only becoming a more common attack on large and small U.S. financial institutions, but it has “become the preferred weapon of choice for nation-state cyber aggressors,” he says, adding that many countries have sanctioned or tacitly support these cyberattacks to make money or to potentially damage the reputation of notable U.S. companies.
“They’re waging a war against the U.S.,” Schreider continued.
And the barrier to entry has decreased, as would-be cyber thieves with even limited skills can now buy a “ransomware-as-a-service" kit on the dark web for less than $40, Schreider said. Hence, nation-states and other more powerful cyber-aggressors have flooded the field, as Schreider references Donald Rumsfeld’s oft-cited insight, “Kinetic war is going to give way to the digital battlefield, dropping bombs is less effective than what people can do."
Schreider also expects that the growing “deluge of data” that complicates security issues for financial service institutions will change how these FSIs use data-focused security platforms. “SIEM platforms are very expensive data repositories,” Schreider said.
He added that as security event data continues to grow exponentially, financial firms need to consider how they can better manage this data and pair their SIEM with security orchestration, automation and response architectures. “Too many banks are making their security decisions based on licensing terms rather than their own cyber strategy,” he said.
Managed security service providers that support financial institutions are not only having a heyday, they are growing aggressively through acquisition, according to Schreider. “The market is saturated and there is a lot of mergers and acquisitions,” he says. But as this market matures, the demands of their financial industry customers have also evolved. Schreider said that financial firms will be increasingly focused on the outcomes of working with MSSPs, requiring guarantees in regard to security support.
According to Schreider, banks are saying, “I want to sign and I want the pain to go away."