Europe’s third country conflicts pose cyber risks to the Finance sector
As a result of current geopolitical tensions and conflicts, difficulties and precarious situations have arisen on political and economic levels worldwide. Struggles against land and life, economic sanctions as well as trade restrictions are threatening effects that Europe has to deal with these days. Another threat that must not be underestimated is targeted cyber attacks by states that see their own interests or those of countries in solidarity at risk. The financial sector is identified as one of the most vulnerable critical entities, despite strict regulations.
Producers and operators of critical infrastructure have been targeted more often than average within the past 12 months. In around half of the cases, economic cycles, human life and ultimately our ability to function as a society in Europe were at stake [Bitkom]. One thing seems certain: the number of cases will not decrease.
The most frequently affected sectors of the critical infrastructure (abbreviation KRITIS) in Germany are energy and water management, telecommunications and finance. Compared to other critical sectors, financial service providers have above-average deficiencies in the area of technical information security [German Federal Office for Information Security]. The reasons for this lie in the advanced level of digitization in this sector. Distributed denial of service (DDoS) attacks are particularly typical, flanked in the worst cases by ransomware attacks. Six-digit ransom sums are not uncommon – if payment is made, it is in Bitcoin.
Managed security service or own Security Operations Center?
Digitalization and securing business continuity have become a high priority in the finance industry. Cyber security has now become a decisive tool on board level for further development of financial services. Managed security service providers can make an important contribution to business continuity in the financial sector. For example, in financial companies where an in-house security control center cannot (yet) be implemented, a Cyber Defense Center (CDC) – also known as a Security Operations Center (SOC) – can be contracted. According to a recent Lünendonk study on cyber security in the financial sector, 24 percent of customers in German financial sector already rely on SOC security services. The ideal case is IT monitoring and a Risk & Security Cockpit through RADAR Solutions that are operationalized and provided directly on site at the customer’s premises. Customer data never leaves the corporate environment at any time during the provision of the service.
Furthermore, annual analyses of millions of security-critical incidents – as well as personal exchanges with customers in the security departments – provide leading CDC providers with a reliable picture of the threat landscape. Each individual customer also benefits from built-up use case collections. The more financial services the more organizations rely on a vendor’s managed security services and the more its technology grows to include monitoring and correlation capabilities. Leading providers of self-developed European security technology also enable the highest data protection standards to be guaranteed.
According to the Lünendonk study, around 14 percent of organizations in the financial sector already operate their own cyber defense center. It is expected that the trend for companies in the financial sector to set up their own security control center will double in the next five years.
The tide of cyber attacks on critical infrastructure, particularly in the financial sector, will intensify in the future. Therefore, organizations that invest into early detection extensively will be best protected from the far-reaching consequences such as financial loss and damage to reputation.