Top 3 Challenges to Fintech in a Post-Equifax World

The Fintech ecosystem can’t seem to catch a break. It’s been over six months since the first details of possibly the largest security breaches in history — the Equifax data breach — were made public, and we’re still struggling to deal with the aftermath as new information continues to emerge.

The WannaCry ransomware attack that hit FedEx, among many many others worldwide nearly a year ago, still seems to be producing copycats. And then there’s the 2014 JP Morgan Data Breach, still considered a doozy —  tens of millions of people, and seven million businesses affected — coming to a jaw dropping total of 83 million customers. That time, five hackers used malware, social engineering, and spear-phishing attacks to plunder emails, addresses, phone numbers, SSNs, and other customer information, not just from JP Morgan itself, but other related financial institutions around the same time.

Last year’s 2017 Financial Industry Cybersecurity Research Report highlighted the fact that financial institutions fall victim to breaches more often than companies in the telecommunications, transportation, food, manufacturing, and pharmaceutical sectors combined. As cybercriminals find new ways to attack, breach, and exploit organizations, threat patterns such as phishing, spear-phishing, and social engineering evolve and become more sophisticated.

The report provides us with some troubling data:

  • 45% of the financial firms had at least one malware event between March and August 2017, a proof point that hackers frequently target the financial industry.

  • The financial industry has difficulty managing third-party security risks that arise from the availability of leaked credentials and exposed passwords

  • With respect to cybersecurity health, only 25% of the 20 Highest Performing FDIC- insured banks received an ‘A’ grade in DNS Health.

The report makes it clear that financial organizations need solutions that assess and manage vulnerabilities and their vendor’s vulnerabilities in real-time, to (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – WhiteSource authored by Ayala Goldstein. Read the original post at: