Financial sector faces increased cybersecurity threats

A new survey reveals that the financial industry has faced a surge in attacks, with 64 percent of respondents reporting cybersecurity incidents in the past 12 months.

The study from Contrast Security finds 71 percent of respondents reported zero-day attacks as the key concern to safeguarding applications and APIs, followed by dwell time (43 percent) and lack of visibility into the application layer (38 percent).

"Our research found that the financial sector is facing increasing threats with a noticeable uptick in zero-day and destructive attacks," says Tom Kellermann, cybersecurity advisor for Contrast Security. "We also uncovered that not only are APIs, cloud environments, and applications the attack vectors of choice, but also, today’s motive has changed. Cybercriminals are no longer going after data. Instead, they're island hopping, or hijacking an organization's digital transformation and using that infrastructure to launch attacks against a company’s customers and partners. As tactics and motives evolve, financial institutions need to rethink how they are protecting themselves. Continuous monitoring of the application layer for behavioral anomalies is imperative, and to do that, organizations must implement application defense and response (ADR) to block attacks in production and catch vulnerabilities in apps and APIs."

The research shows that many organizations are still reliant on legacy technology. 82 percent are relying on web application firewalls (WAF) and 61 percent say they consider their WAFs to be effective. However, reliance on WAFs alone is inadequate against zero-day exploits and modern application attacks. In light of all this, it's no surprise that zero days are the top application-related security concern. In fact, fewer than 25 percent say they are confident that their current security controls could mitigate such an attack.

You can get the full report from the Contrast Security site.

Image credit: ktsdesign/depositphotos.com