Financial Services Cybersecurity Weekly Briefing 06-29-2018

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

[VIDEO] NewsJacker June Recap
Cyberthreats from China, voice-activated bank transfers, DNS rebinding attacks pwn-ing home-connected microphones, SCOTUS rules that warrants are required for cell phone surveillance, and more.

Financial Sector Vulnerable to Cyber Attacks, Could Cost $100B a Year: IMF Report

  • Estimated losses are several orders of magnitude greater than the present size of the cyber insurance market. Insurance market for cyber risk remains small with around $3B in premiums globally in 2017.
  • Coverage is limited, and insurers face challenges in evaluating risk because of uncertainty about cyber exposures, lack of data, and possible contagion effects.

OMB’s Government Reorg Plan Tackles Financial Literacy, Cybersecurity
The federal government is currently challenged to recruit and retain cybersecurity professionals “due to a shortage of talent along with growing demand for these employees across the public and private sectors,” the report states. To address this, the Department of Homeland Security and OMB, working in coordination with all federal departments and agencies, are charged with setting up a “unified cyber workforce capability.”

Cyber Warnings Going Ignored as 1 in 4 Companies Still Investigating Alerts Manually
The gap between the need for skilled cybersecurity employees and the people available to fill these roles continues to grow. BAE Systems’ new research shows that the skills gap is the primary challenge keeping organizations from reaching their security goals, with 50% of businesses identifying the lack of staff with the required security skills and expertise as the leading issue.

Cyber Attack Could Cost Bank Half of its Profits, Warns IMF
According to the IMF, the financial sector is particularly vulnerable to cyber attacks, because of its crucial role in intermediating funds. Meanwhile, many banks still use older systems that might not be resilient to cyber attacks, some of which could spread throughout the interconnected financial network. Despite this, quantitative analysis of cyber risk is still at an early stage in financial services, said the IMF, due to the lack of data on the actual cost of attacks, and the difficulties of modelling cyber risk.

Banks to be Subjected to ‘Cyber Stress Tests’ to See if They Could Withstand a Major Hacking Attack
It described this period as the “impact tolerance” and said its goal was to mitigate “systemic risk’ to the financial system. For example it said disruption to a bank’s payments could have an impact on the real economy by preventing customers of that bank from paying for things and accessing their money. Working with the National Cyber Security Centre, the bank plans to test financial services companies’ abilities to recover in the event of a major cyberattack.

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.