What financial organizations should be doing to stay vigilant and protect themselves
Michael Kirby II, Head of Managed Risk and Security Services, FIS
November 01, 2021
Cybersecurity Awareness Month just ended, but that doesn’t mean the conversation around cybersecurity should. Financial institutions, more than ever before, are looking to technology that enables them to be more efficient and effective at their business. With that efficiency comes the risk of malware and cyberattacks, with cybercriminals looking for ways to exploit systems or solutions for monetary gain. Everyone assumes that some level of cybersecurity is already in place when talking about financial institutions. The question becomes about efficacy. Organizations that look at cybersecurity with an equal emphasis on being proactive and reactive are the ones that succeed in the endeavor, whereas those that put all their eggs into a reactive basket or use less resources on the proactive side, typically fail at safely defending themselves.
The cybersecurity landscape has changed dramatically in recent years. Gone are the days of piecemeal security tools and individual IT “gurus”. Today, cybersecurity has matured into a discipline that requires professionals trained in specialized areas of security and a scalable combination of complementary tools.
It is critical to remain ever-vigilant, including being on the lookout for ransomware attacks, and to continuously protect your organization’s data. Especially in the face of recent statistics:
- In 2021, there is a ransomware attack every 11 seconds, up from 39 seconds in 2019
- Q2 2021 was witness to the most ever ransomware attacks
- New breach techniques have proliferated, with 35% of breaches having leveraged new techniques in 2020
- The average total cost of a data breach in 2020 was $3.86 million and took an average of 280 days to identify and contain
Why cybercrime is at an all-time high
Clearly, the risks and threats have never been more present and urgent than they are now. In the race to get products or services to the market, there is danger in taking shortcuts that are seemingly inconsequential. And, at times, the “good guys” underestimate the sophistication and reach of the “bad guys”. But it is those small cracks that the cybercriminal waits for and has become much more adept at exploiting. In fact, cyberattacks now are not just perpetuated by small groups; they have become well-organized operations, even selling/leasing their cybercriminal services, software, and solutions like a Software-as-a-Service (SaaS), positioned as Ransomware-as-a-Service.
Cybercrime is more lucrative than ever, and the huge payoff outweighs the cost of doing business – or being caught. As a result of the pandemic, a number of organizations were under pressure to give employees the ability to log in remotely, but probably didn't take enough time to consider the security implications, providing cybercriminals with easier targets. Which explains how/why cybercrimes are up by 600% in the wake of COVID-19.
How FIS can help your organization combat ransomware attacks and improve your cyber resilience
FIS has a highly developed cybersecurity practice internally, with a focus on people, processes, and tools. While ensuring internal security, we have taken many of those same solutions and incorporated them into services that we provide our clients.
In line with this year’s theme for Cybersecurity Awareness Month, ‘Do Your Part. #BeCyberSmart’ let’s look at what financial institutions should be doing to protect themselves from attacks by increasingly sophisticated cybercriminals.
“A managed extended detection and response (XDR) solution is one of the best ways to stay safe from cybercrime. FIS Managed XDR is our fully managed extended detection and response service that provides advanced threat intelligence and hunting, 24/7/365 security monitoring, and incident analysis and response. This cloud-native, FIS-managed cybersecurity solution is backed by the power of FIS Grade Security — the same tools we use to protect ourselves — designed for all areas of your network, endpoints and environments.”
A key factor in successful protection against cyberattacks is patching and eliminating vulnerabilities quickly. In many of the big attacks that occur, the organization did not patch on time and aggressively enough, which left them open to attack. FIS follows patching deployment practices developed as a result of proven and repeatable processes. Customers who engage with us and follow our “patch often and patch fast” advice, find that they are in a strong security posture, in turn reducing targets for the threat actors.
Another important element to protect organizations in the event of a ransomware attack, is a data backup and restore solution. FIS Data Restore is one such solution that ensures the organization’s important data is first secured away from their primary data center, and second, provides a backup of the data that can then be accessed and utilized should all other backups and restore methods fail.
FIS brings strong experience and the tools to help financial institutions guard against cybercriminals. We recommend educating everyone across the organization, creating a holistic defense, and investing in tools and processes to keep the cybercriminals at bay. ‘Do Your Part. #BeCyberSmart’.
In over 15 years in the managed security services space, we have invested heavily to create robust cybersecurity solutions that give all types of organizations the ability to be more resilient. Our managed security services are designed to make it more difficult and costly for cybercriminals to attack.”