Kaspersky and third-party statistical agencies earlier in the global questionnaire survey, the financial industry for the threat of cyber attack statistics, and issued a ” financial institutions security risk report 2016 ” and found that financial institutions suffered network security incidents, the average loss Close to $ 1 million ($ 926,000). Kaspersky says 75 percent of fraudsters cheat through social engineering, and only 17 percent use more sophisticated malware to appeal to agencies to underestimate the simpler threat.
The maximum loss occurred in POS vulnerabilities, amounting to $ 2 million
The survey focuses on the major cyber threats faced by financial industry professionals and the economic losses of cyber attacks around the world, revealing the highest losses from financial firms, beginning with the safety of Point-of-Sale (PoS) systems The vulnerability resulted in a loss of $ 2,086,000 for a single agency, second to a mobile device, resulting in a loss of $ 1,641,000 for the business and a third of the targeted attacks that resulted in a loss of $ 1,305,000.
63% of respondents: simply meet the specifications are not enough
Compliance with regulatory requirements is usually the biggest incentive for banks and financial institutions to increase IT security resources, but the survey found that 63% of companies believe that compliance with security specifications alone is not enough.
Another reason for the increase in security budgets is the increasingly complex network infrastructure environment. For example, medium-sized financial institutions use virtual desktop infrastructure (VDI) to manage about 10,000 end users, and about half of them are intelligent Phone and tablet.
Other reasons for increasing IT security resources are mainly lack of internal expertise, high-level management directives, and business expansion, and 83% of respondents are expected to increase IT security budgets in the future.
Kaspersky: 75% of users cheat through social engineering
Studies have shown that financial institutions face security challenges and tend to adopt a method of increasing threat and security audits, and 73% believe that the above measures are effective. However, financial institutions are reluctant to adopt third-party security services, and only 53% of organizations consider it useful. Kaspersky Lab experts, the financial institutions proposed 2017 five security strategy recommendations:
1. Attention to targeted attacks
Targeted attacks on financial institutions may be initiated by third-party companies or contractors who usually have lower awareness of protection and can use malicious programs or phishing as a starting point for attacks.
2. Do not underestimate the simpler threat
Frauds can use simple tools to launch large-scale attacks, with substantial amounts of revenue, 75% of fraudsters cheat through social engineering, and only 17% use more sophisticated malware.
3. Balanced resource allocation
IT budgets usually focus on meeting security specifications, but they also take into account the need to strengthen security and adopt new technologies to achieve a balanced balance of resources.
4. Conduct infiltration tests on a regular basis
Realistic environments often have undiscovered security vulnerabilities that use sophisticated detection tools for penetration testing, and vulnerabilities and incidents have the opportunity to emerge and do not let any weaknesses or vulnerabilities be safe.
5. Pay attention to internal threats
Staff may also be exploited by cyber criminals, and effective security strategies should include techniques to detect suspicious activity in addition to peripheral protection.