Your executive board has just been notified of a spammy-looking demand from “North Korean” attackers to pay ransom on threats of releasing sensitive client information: What do you have to do? Do you have a continuity plan? And if so, is it so grand that there’s no possible way that everybody knows what they should actually be doing?
This is the simulation presented at a cybersecurity summit specific to the financial services industry*, and the huge discrepancy in actions suggested by the audience should be a wake-up call, because regulators are moving towards handing out penalties and fines.
While the old adage of “I rob banks because that’s where the money is” still holds in the cyberage, attacks on financial services are not just about an immediate theft of money: it’s also about gaining access to customer datasets as well as theft of policy information, and technical network and system data.
The fact is that the financial sector is constantly becoming ever more complex and diverse, particularly when it comes to the roles third-party providers and fintechs play. It’s in this context that highly motivated and adaptable adversaries operate and as the climate worsens, experts are warning to prepare for a lot more extreme weather events.
This content requires registration. Get access today by signing up here.