The ‘Financial Sector, Threat Landscape 2020’ report revealed five top security challenges that the financial sector are currently facing, the risks of future threats, and how to spot these risks before it is too late. Here, CPOstrategy takes a closer look…


We are no stranger to the notion of cyber security, but one industry that suffers the most from cyber security threats is the financial secretary. Key security measures within the sector have evolved dramatically with the likes of key codes, two factor authentication, voice ID, behavioural analysis, one-time passcodes, protective messaging and digital fingerprinting. 

1. Ransomware

Amazingly, the term “ransomware” was only added to the dictionary three years ago. In that time however, ransomware has increased dramatically in terms of the frequency of incidents and the range of methods used to conduct them. Let it be known that the attackers are extremely sophisticated. Once they have your data, who’s to say that your data will be given back or decrypted even if you pay up. Worse still what’s stopping them coming back to attack you again?  The report found that once an attack is made, the bad actor will sell the details on to their associates to go after the victim again after deployment, because the payload can still be there, activated and deactivated.

2. Internal Threats

The report takes a look at the Verizon, 2020 Data Breach Investigations Report (DBIR) where it shows that ‘employees’ mistakes account for roughly the same number of breaches as external parties who are actively attacking’ the organisation. Now isn’t that terrifying? Misdelivery within the company, by which information has inadvertently been sent to the wrong person, stands tall as one of the most common issues when it comes to the notion of insider threats. Next time you forward an email or send one to the wrong person/recipient, click on the wrong mailing list, that’s a misdelivery. In the interests of fairness, misdelivery is almost always accidental and non-malicious, but the effects can be devastating. Especially if sensitive data is inadvertently shared to the wrong recipient.

3) App Developments

There’s an app for that. There really is. Apps in the investment and finance space have grown substantially in 2020 which is of course a good thing, as the ability to invest online is quick and easy, and accessible to all. But, with demand comes rushed development. Many of these apps were developed quickly and quite frankly are not ready for cyber-attacks. So that means no two-factor authentication, no protection from appropriate regulations, are not patched or maintained properly, and do not have contingency plans in place to mitigate the effects of a cyber-attack. What that means then is personal information of app users is relatively easy to steal and sell. This can be done by creating duplicate fraudulent apps to trick the user. On these duplicate apps, the imagery and language of the genuine app is mirrored. Once the personal information is supplied, all the money involved  (real and virtual) is up for grabs. And so begins the circle of ransomware life.  

4) Third-Party Risks

Few organisations work on their own. Quite rightly too. Think about third parties that they use. Vendors, partners, email providers, service providers, web hosting companies, law firms, data management companies, subcontractors. The list goes on. They are all essential to business operations and a lot of these third parties share IT systems and even sensitive information through legal teams so it goes without saying that third parties may very well be an open backdoor into your financial systems for attackers to infiltrate.

5) COVID-19

Yep, even cyber crime has been affected by COVID. It is that unavoidable. Cyber criminals are continuing to target the financial sector even during the pandemic. There has been quite the spike in cyber attacks on banks, financial organisations and the third parties connected to them. Going back to simpler times before COVID-19, if an attacker wanted to sabotage a company or steal data, they would target the business itself. They’d aim their sights at the website, the social accounts, the logins and all their vulnerabilities. In response, organisations had counter measures in place. But now, you just need to target a single remote worker and the house of cards comes tumbling down.


Related Stories

Issue 34 of Interface magazine is live!

Our cover story this month investigates how Fleur Twohig, Executive Vice President, leading Personalisation & Experimentation across Consumer Data & Engagement Platforms, and her team are executing Wells Fargo’s strategy to promote personalised customer engagement across all consumer banking channels

Issue 34 of CPOstrategy is LIVE!

CPOstrategy’s cover star this month is procurement transformation expert, and CEO and Co-Founder of Tropic, David Campbell…

Issue 33 of Interface magazine is live!

Our cover story this month reveals how Sarita Singh, Regional Head & Managing Director for Stripe in Southeast Asia, and her team are driving financial inclusion across the region and supporting SMEs with end-to-end services putting users first

Digitalisation of procurement is a top priority – Globality

There is an urgent need for the digitalisation of the procurement function, according to a new report from leading smart sourcing solutions organisation Globality

Issue 31 of Interface magazine is live!

This month’s cover story reveals the cycles of transformation, being led by CDO Lucho Torres, which are driving the disruptive digital journey at Peru’s second largest financial services group

Issue 30 of Interface magazine is live!

This month’s cover story explores the customer-centric digital transformation journey of leading insurer AXA being led by UK & Ireland CIO Darrell Ryman

Welcome to another packed issue of CPOstrategy!

Our cover story reveals a massive procurement transformation programme at Zendesk

Issue 29 of Interface Magazine is live!

Our cover story examines how Microsoft is accelerating innovation for sustainable growth by providing specialised solutions supporting financial health for enterprises and their customers in the Azure cloud

Issue 28 of Interface Magazine is live!

Our cover story investigates how the latest cybersecurity technologies ensure the Commonwealth Bank and its customers are protected from cybercrime

We believe in a personal approach

By working closely with our customers at every step of the way we ensure that we capture the dedication, enthusiasm and passion which has driven change within their organisations and inspire others with motivational real-life stories.