Trust is the foundation of any business. Once it’s lost, so is the business.
Perhaps no industry is more keenly aware of this fact than the financial services industry. In financial services data is highly valuable — and, therefore, highly sought after by cybercriminals.
The desire to maintain trust, undergirded by a bevy of regulatory requirements, has led financial firms to adopt advanced security technologies like encryption, tokenization, strong authentication and audit logs.
Despite the best-laid plans, however, breaches will still occur. This is partly because while most organizations are busy protecting their networks from outside intruders, most threats come from within.
According to a report from the research firm Ponemon Institute, insider threats cost organizations an average of $4.3 million a year.1 In fact, the 2017 IBM X-Force Threat Intelligence Index2 found that 60 percent of all cybersecurity attacks are caused by employees inside an organization. Of these, 44.5 percent involve malicious insiders and 15.5 percent are precipitated by inadvertent actors.
INSIDER SECURITY BEST PRACTICES
Financial services firms can prepare by creating an incident response plan, monitoring privileged user accounts, implementing user behavioral analytics and conducting forensic investigations.