The eventuality of a cyber attack is cause for concern for all kinds of organizations, but lately the financial services industry has been especially afflicted. Drawbridge Partners’ Martin Passante explores the growing cybersecurity threat in financial services and how firms can proactively prepare.
Cybersecurity is a growing concern for firms in the financial industry. Whether it is via social engineering or malicious outsiders hacking into a network, cybercrime is on the rise and people are taking notice. Without proper security controls in place, firms’ networks are at risk of intrusion.
Without proper logical and technical controls in place, firms’ employees are more susceptible to phishing and social engineering attacks – the root cause of a great majority of cyber breaches. Firms are also vulnerable in places they don’t even realize or control, such as the third-party vendors they engage with. Proper cybersecurity due diligence exercises are essential to ensure that the third parties a firm engages with have proper practices and policies in place. In addition, due to increased scrutiny from regulators, as well as investor demand for certain cybersecurity precautions in place to ensure their investments are safe, firms have begun to take note and implement various cybersecurity programs.
There are various steps a firm can take to ensure they are checking their cybersecurity boxes.
Firms have begun undertaking cybersecurity initiatives that involve implementing cybersecurity policies (such as information security plans and incident response plans), engaging in phishing exams and cybersecurity training for firm employees, conducting penetration tests on the firm’s network and conducting pointed cybersecurity vendor due diligence to ensure the third parties the firm engages with are secure.
Source: DRJ New feed