Subscribe
About

How to elevate cyber security for financial services companies

Automation is key to agile incident detection and response.
Automation is key to agile incident detection and response.

The technology landscape is changing rapidly, presenting new challenges for security in the financial services sector. Generative artificial intelligence, automation, data management and integrated finance are just some of the trends that are transforming this landscape. “As the demand for personalised experiences grows, the challenges of ensuring data security and privacy are increasing, among other things, making it harder to manage digital identities,” says Dominic Richardson, CEO at Dolos.

In parallel, data growth and cloud adoption are expanding the attack surface, which means better vulnerability management and incident response are required.

In this scenario, financial institutions face a range of increasingly sophisticated and damaging cyber threats.


Over the past 20 years, approximately 20% of reported cyber incidents have impacted the global financial sector, resulting in direct losses of $12 billion for financial services companies, according to the IMF Global Financial Stability Report. Since 2020, these direct losses have amounted to around $2.5 billion, which highlights the increasingly complicated situation this sector faces.

To protect themselves effectively, financial institutions need to be aware of the main threats to their industry. According to Verizon 2024 Data Breach Investigations report, the top cyber threats the financial sector faces are:

1. System intrusions

System intrusions have become the main threat to financial institutions, displacing other attack patterns. This shift indicates a transition towards more sophisticated attacks. The rise in intrusions suggests that cyber criminals are resorting to advanced tactics to breach the security of these financial services companies.

2. Social engineering

The use of this tactic shows that cyber criminals are investing more effort in compromising internal users and exploiting the human factor, which remains a key weakness in most organisations.

3. Miscellaneous errors

Miscellaneous errors, such as mis-delivery of information, insecure system configurations, and data loss, continue to represent a serious security problem for this sector. These incidents are often caused by human oversight or human failure, rather than targeted attacks.

4. Use of stolen credentials and ransomware

The use of stolen credentials and ransomware attacks is closely related to the pattern of system intrusion. Credential theft allows cyber criminals to move laterally and escalate privileges. Once inside systems, criminals often deploy ransomware, causing major operational disruptions and significant financial losses.

5. Supply chain vulnerabilities

The report mentions that 8% of the cases were linked to the MOVEit incident, demonstrating how far-reaching these breaches can be.

Given the growing sophistication of cyber threats, financial services companies must adopt a comprehensive approach to security. An ideal solution is to implement a unified platform for security, which integrates various different tools into a single environment to simplify management and gain a complete overview of the IT ecosystem.

Automation is key to agile incident detection and response. Streamlining security tasks minimises the risk of data breaches and theft of sensitive information. In addition, advanced AI can be deployed to identify sophisticated threats and malware at the endpoint, proactively protecting financial institutions’ critical assets against new tactics developed by cyber criminals.

Moreover, such solutions also strengthen credential security through MFA, which is a critical line of defence today, preventing unauthorised access to sensitive systems and data. Learn more about how financial service companies can protect themselves against potential attacks by reaching out to the experienced team at Dolos. They will assist you in setting up a complimentary assessment, tailored to your organisation’s unique requirements.


Share