Cyberattacks the biggest barrier to financial innovation ’s analysis of more than 32,000 security incidents and 3,950 breaches has revealed that the financial sector ranks fourth among all sectors in security incidents (1,509 incidents), and seventh in data breaches (448 breaches). Verizon In addition, these financial organizations suffer the third highest average cost per breach at $5.85 million, which is nearly $2 million more than the global average for all industries, according to Ponemon and . IBM 2020 Cost of a Data Breach Report Fintech security challenges The financial sector has always been a target due to the types of data it collects about its customers. This year, the sector is the of financially motivated bad actors, just as it was in 2019. favorite playground According to Verizon, web application attacks compete with the miscellaneous error pattern for the top cause of most breaches, making employees’ mistakes account for roughly the same number of breaches as external parties. “Pressure on DevOps teams to produce results quickly might lead to security not getting the attention it deserves. Leveraging cybersecurity to gain an edge over competitors leaves fintech organizations and their customers open to cyber risks. But risks can originate from more traditional routes — like phishing emails — and it only takes one person losing concentration to expose the organization to ransomware, data theft, or more,” says Juta Gurinaviciute, Chief Technology Officer at . NordVPN Teams Hackers could target investment apps, online financial data processing systems, and cryptocurrencies, along with providing paid access to banks’ infrastructures and developing new strains of mobile banking malware based on a leaked source code. “The most common threats fintech companies face are phishing attacks and data breaches, as well as cloud and application security breaches,” Gurinaviciute adds. COVID-19 has increased the risk According to a by the World Bank and the Cambridge Centre for Alternative Finance (CCAF), almost four in every five regulators count cyber threats among the top three risks that have increased during the pandemic. new report The same report reveals that, over the course of the pandemic, fintech providers have seen a 15% increase in cybersecurity threats. However, only 29% of them say they have taken any action so far, as more needs to be done to consolidate frameworks and update the policy in this area. With the COVID-19 crisis accelerating the need to become digital-first, financial services firms have been impacted in two fundamental ways. From a network perspective, organizations have had to act quickly to solve issues associated with network redirection and outrage caused by the mass move to remote working. At the same time, they have also been tested to mitigate elevated threats, such as credential stuffing, account hacking, and fraudulent emails. According to NordVPN Teams expert, “no industry is immune to cyber threats, but for financial services organizations the risk has always been significantly higher. Fintech companies are perfectly aware that they’re prime targets for cyberattacks and are usually more secure than digital services in other industries. However, the very nature of fintech companies involves them holding massive amounts of highly sensitive data. Therefore, even the smallest risk, if not taken seriously, could have devastating consequences.” Fintech data protection The fact that many fintech companies are relatively unsophisticated in protecting their data is both good and bad news. The bad news is this means financial and customer information is often not secure. The good news is there are some basic measures a fintech company can implement to prevent future data breaches. Adding a cloud data loss prevention (DLP) service can dramatically reduce the risk of data exfiltration, which is the risk of your data ending up somewhere it doesn’t belong. Improve cloud security. This safeguards both the end user and corporate environment, ensuring that no one is able to decipher sensitive data traffic. Encrypt sensitive data. Secure and precise identification and authentication is vital for fintech software. Role-based access control, password expiration, shorter session lifetimes, and tracking of failed sign-in attempts could help mitigate some of the risks. Secure authentication. Multi-factor authentication across the ecosystem can prevent hackers from moving across the network and gaining additional controls. In more sensitive areas, physical MFA devices and/or biometric authentication is also vital. Multi-factor authentication. Last but not least, although fintech firms are digital natives, one should not assume they do not need digital security training. Security education sets the team for success and should be the backbone of any security strategy. Security education. It’s important for fintech companies to participate in developing risk assessments and frameworks for improving cybersecurity. Industry groups such as the can offer assistance and resources to growing fintech companies. Center for Internet Security Mastercard works with other financial companies through the (FSISAC). And the World Economic Forum’s continues to provide research findings for this sector. Financial Services Information Sharing and Analysis Center FinTech Cybersecurity Consortium

Mastercard

Target

2022 - HackerNoon Contributor of the Year - Cybersecurity

Read My Stories

Nominated for 2022 - HackerNoon Contributor of the Year - Cybersecurity

Too Long; Didn't Read

Developers: Build Less. Deliver More. [Learn how]	

FinTech Security Needs To Be Taken More Seriously Than It Is

Too Long; Didn't Read

People Mentioned

Companies Mentioned

NordLayer

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

FinTech Security Needs To Be Taken More Seriously Than It Is

Too Long; Didn't Read

People Mentioned

Companies Mentioned

NordLayer

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES