Can Data Leak from Financial Organizations?
Netwrix published additional findings for the banking and finance industry in its Global Cloud Security Report 2022. Compared to other areas studied, financial institutions are more interested in people, users that have legitimate access to their cloud infrastructure.
Indeed, 44% of respondents in this industry said their own IT staff pose the greatest risk to data security in the cloud, and 47% are concerned about contractors and partners, compared to 30% and 36% respectively in the other verticals surveyed.
“Financial institutions experience accidental data breaches more often than companies in other verticals:
32% of them reported this type of security incident in the past 12 months, compared to an average of 25%. This is good reason for them to be concerned about users who might inadvertently disclose sensitive information. To address this threat, organizations must adopt a non-privileged approach, where enhanced access is granted only when needed and for the required duration,” said Dirk Schrader, Vice President of Research Security Research at Netwrix Reviews.
“Cloud misconfiguration is another common cause of accidental data leaks. As a result, security teams should continuously monitor the health of their cloud configurations, ideally with a dedicated solution that automates the process.
All industries consider phishing to be the most common type of attack they face. However, 91% of financial institutions said they were able to detect a scam within minutes or hours, compared with 82% of respondents in other verticals.
Schrader adds: “While financial institutions are quick to spot scams, it’s important that they continue to educate their employees about this threat as attacks become increasingly common. subtilize. “To increase the likelihood that a user will click on a malicious link, attackers craft personalized deceptive messages aimed at the person responsible for a certain task within the organization and appear to coming from an authority figure. Regular staff training, as well as ongoing operational monitoring, will help reduce the risk of intrusion.”
References:
Helpnet Security, December 2, 2022. https://www.helpnetsecurity.com/2022/12/02/financial-sector-cloud-security/?web_view=true
Progress in Cybersecurity Research
Digital systems have transformed and will continue to transform our world. They have the potential to provide substantial benefits to society and are central to our security, well-being and economic growth. To realize these benefits, we will need strong cybersecurity.
This Royal Society report examines the policy frameworks needed to address these cybersecurity challenges and emerging research challenges over the next five to 10 years.
The UK is uniquely positioned to realize the benefits of an emerging digital society, thanks to supportive government policy, a strong research base and a history of industrial success. These benefits are already substantial, but they are still at stake. Cybersecurity in most organizations lags behind the most advanced technology and therefore does not provide the reliable protection we need. Attacks are on the rise and breaches are causing significant harm to individuals and organizations. This erodes trust and with it the potential benefits that digital systems can bring.
Trust is essential to increase and sustain participation in digital society. Organizations gain trust by acting reliably:
build trusted and secure systems that treat people, their privacy and their data with respect. As part of this, organizations must provide reliable and understandable information to help people understand and assess their security level.
Resilience (the ability to learn and adapt to stress or shock) is key to winning people’s trust. Resilient organizations and systems are best positioned to deliver more useful products and services, and protect their customers in a world of ever-changing and evolving relationships. cyber threat.
Research and innovation can create breakthroughs that help cybersecurity keep up with growing cyber risks. This helps to create a reliable and flexible digital environment. To support advances in cybersecurity research, it is necessary to develop a research funding institution that is more challenging and ambitious, while pursuing research that integrates knowledge from other disciplines. each other and from all over the world.
Translating innovative ideas and methods from research creates a powerful source of trusted, proven solutions for hard-to-predict cybersecurity risks. The best way to do this is to maximize the variety and amount of innovation that comes in the form of products.
Policy, practice and research will all have to adapt. This report makes recommendations to help create a trusted, self-improving, and resilient digital environment that can thrive in the face of unforeseen threats and gain trust. everyone’s thoughts on it.
Reference:
https://royalsociety.org/topics-policy/projects/cybersecurity-research/
Progress and research in cybersecurity.
What is ICSS upto?
CyberSec101: 
Leave a comment