New and old financial businesses alike are transitioning into the digital space each day and we’re excited for them. Digital opens up a whole new world filled with accessibility, dimensional buying and selling, and more efficient service. However, this innovative change comes with great responsibility and risk, especially when it comes to security.
Earlier this year, Equifax was victim to a security breach that led to 143 million people having their personal information stolen (and I mean personal: social security numbers, credit card numbers - the big leagues). If you weren’t one of those 143 million people, that’s great (if you’re not sure, check here); but don’t go into full celebration mode just yet. The Equifax scandal is only one of the many cybersecurity breaches in financial services, and it sure won’t be the last. Cyber-attacks are becoming more intricate and strategic each day. Because people rely on digital for finances - from communicating with financial planners to sending rent - finance companies are especially vulnerable to cyber-attacks from all angles.
Why is there an increase in cybercrime?
If a thief steals a rare diamond necklace out of a store, it would be hard to sell to a regular market. Most thieves bring their stolen goods to a black market, which is called “the dark web” in the digital world (we have an article on it, read up here). This allows cyber-thieves to sell their stolen information and products online to the right audiences with similar deviant interests. Buyers and sellers are able to remain completely anonymous on the dark web using a special currency called Bitcoin. This currency gives buyers complete anonymity because transactions are made without a middleman - no banks, no transaction fees, you don’t even need to put your name down.
With the dark web becoming a well-oiled machine for criminal activity, 45% of financial service firms across the globe have experienced between one and five breaches in the past year. This has significantly increased fears of breaches and theft, causing the National Association of Insurance Commissioners (NAIC), to make tighter cybersecurity regulations a top priority for 2017.
What can you do?
Stay Up to Date
Staying on top of every cybersecurity regulation might seem like an overwhelming task, but it’s an important one. Tools such as Touchpoint Manager and MailControl can help by monitoring your assets and emails to minimize the glitches and weaknesses in your technology. (Bonus: check out three more cybersecurity tools that can help you stay protected.)
To stay submerged in the most current hacks, viruses, and happenings in the cybersecurity world, I recommend subscribing to WIRED’s Threat Level. Threat Level has a really engaging layout to keep readers interested when perusing the site, not to mention the impressive coverage about everything tech; from the latest iPhone trends and privacy to surveillance and cell towers.
As far as cybersecurity investments go, you get what you pay for. Implementing firewalls and basic antivirus software isn’t going to keep professional hackers at bay in today’s technologically advanced age. When building a website, remember that not all Content Management Systems (CMS) have the same levels of security. Those that are easier to use or cheaper may not supply you with the highest level of protection that your finance company needs. We recommend following the advice of your web developers when it comes to this decision. They’re experts in choosing the right CMS system to best fulfill your company’s security needs.
So yes, this does mean you should be investing more time, money, and effort into your company’s cybersecurity standards; but the investment is well worth it. Taking extra security measures will protect both you and your clients from the possibility of greater loss in the future. Prevention is easier than recovery when it comes to cyber-attacks; doubt can cling to a brand name for years after an attack, resulting in a temporary crippling of the brand at best, its total destruction at worst.
According to a study done by Oakwood, there are three very common cybersecurity threats that continue to surface for many financial businesses that we recommend you be on the lookout for.
- Spear Phishing
- Hackers use a sort of email identity theft by sending emails with aliases of people we know and trust. Whether this be a CEO discussing company changes or information regarding your personal accounts, hackers are becoming more creative in their efforts to sound convincing over email.
- Some subjects that have been leveraged by hackers as of late include social media (“your Twitter information needs to be updated”) and newsworthy events (“listen to the leaked recordings taken during the UN conference last night”).
- Dumpster Diving
- So much is exchanged through email that it is almost second nature to toss our old emails into the digital trash and go on with our lives. Unfortunately for financial businesses, hackers tend to target your email trash bins for information that they might use to break into accounts.
- 10 Degrees of Separation
- Within financial services, hackers are notorious for targeting administrative assistants and secretaries to learn the ins and outs of the business. Because senior employees entrust a lot of information with these individuals, hackers have an easily accessible employee to target and from there they can make their way deeper into the company.
2017 is a great time to elevate your financial business through digital. There are endless ways to market and up-sell your services, and customers are given modernized, convenient ways to access their investments and accounts. This being said, around 85-90% of all business assets today are digital, which means it’s imperative to have impeccable cybersecurity to keep information safe. Digital landscapes are constantly shifting and evolving, which means that cybercrime will be doing the same.