It should come as no surprise that the financial sector is the single most targeted industry when it comes to cyber attacks. Financial institutions face 300 % more cyber-attacks that any other sector. The threat has gotten so far out of hand that numerous government agencies fear these cyber criminals are the biggest threat to bank stability. According to SEC Chair Mary Jo White, cyber-attacks are such a grave concern that it overtakes terrorism in the Division of Intelligence’s list of global threats. There is one practice in particular that puts financial institutions at risk of a hack: Working Remote.
In the JP Morgan breach of 2014, 83 million customer records were compromised. That is 83 Million records stolen in just ONE breach. This incident is "the largest theft of customer data" and it all started with one employee working from home.
This attack on JP Morgan should have taught us a number of things according to Claus . First, it should serve as a warning to the power and reach these malware attacks have. Secondly, it calls attention to what we have been saying for months; "your employees are your weakest link". And third, this proves how easy it is for these attacks to stay under the radar. In the case of JP Morgan, the attack was underway for over a month before they figured out what was going on.
Of the attacks that occur because of unsafe remote connections, 75% stem from having weak passwords. Having an in depth comprehensive password policy is a must for all companies, but especially firms in the financial sector. Another way to defend against these attacks is multi-factor authentication. MFA is a strategy that adds an extra layer of security by requiring a code (normally retrieved from your cell phone) to be entered along with your password for access. A strong password policy and MFA are vital but they are only part of the solution. You will need to be prepared with backups, shadow copies, and off site disaster recovery as well.
We have put together a checklist to make sure you are as cyber secure as you can be.