Banking Sector

Security challenges facing the banking sector

  • Financial services firms fall victim to cybersecurity attacks 300 times more frequently than businesses in other industries

  • Cyber-criminals may steal or manipulate valuable user data and/or “clone”  banking apps in order to use them for nefarious purposes

  • Portals and banking apps pose a special threat

  • The number of potentially insecure endpoints represent a candy store to cyber-criminals

  • A very digitized world

  • Regulatory pressure is intensifying

 

Financial services firms fall victim to cybersecurity attacks 300 times more frequently than businesses in other industries.

Banking customers are moving away from using cash and checks and relying more on electronic banking to complete transactions. In response to this shift, financial organizations continue to develop more web portals and mobile apps. Although these apps and portals are aimed at increasing convenience and enhancing the customer experience, they pose unique risks in terms of cybersecurity.

 

Cyber-criminals may steal or manipulate valuable user data and or “clone”  banking apps in order to use them for nefarious purposes.

A 2018 study by Accenture reviewed 30 major banking applications and found that all 30 had vulnerabilities ranging from insecure data storage to insecure authentication and code tampering. What is more, a similar study revealed that 85% of the tested web apps had flaws that would permit cyber attacks against users.

 

Portals and banking apps pose a special threat

From the lack of secure data storage to ineffective cryptography, there are a number of reasons why portals and banking apps pose a special threat:

  • Lack of server security
  • Insecure or ineffective data storage
  • Data is not secured in the transport layer from server to client and/or from client to server
  • Data leakage on the user side
  • Inadequate authentication and authorization during user log-in
  • Inadequate or Ineffective encryption
  • Client-side injection (e.g. the injection or execution of malicious code on the mobile device through the mobile app)

 

The number of potential insecure endpoints represent a candy story to cyber-criminals

The cyber risks that plague the banking industry are multiplied when you consider the vast number of users involved. The number of potentially insecure endpoints represent a candy store to cyber-criminals. Recent statistics show online banking accounts for nearly 75 percent of all banking transactions, and this number is only expected to increase.

 

A very digitized Denmark

Denmark is one of the most digitized societies in the world. Combined with the large values handled, this makes the Danish financial sector a target of cybercrime. The Centre for Cyber Security assesses the risk of cybercrime against Danish authorities and private sector firms to be very high.

 

Regulatory pressure is intensifying

Banks must respond to cybersecurity risk not only to protect their businesses but also to meet regulatory requirements and industry standards. Nearly three-quarters of jurisdictions worldwide are planning new cybersecurity regulations, guidance, or supervisory practices for the financial sector within the next year, according to the Financial Stability Board.

Sources:

Attila Security  I  Danmarks Nationalbank  I  InfoSecurity Group  I  Boston Consulting Group