Several of the most recent devastating data breaches have struck the financial services sector, as well as retailers and other businesses that manage payment and account information. Target, eBay and countless others have been impacted by incidents with growing frequency and intensity, which has caused members of the public sector to rethink their regulatory practices and increase efforts to stimulate more robust protections among all entities that store, transmit or control financial data.
In many instances, simple compliance with the law is not necessarily the safest route to travel, but rather a minimum requirement to avoid sanctions and fines associated with regulatory missteps. Businesses that handle financial information must simultaneously carry out all of the procedures necessary to cover compliance requirements, while going a step beyond to ensure the most reliable security of systems and information.
New York steps up
Forbes recently reported that the New York Department of Financial Services conducted a report that found cyber attacks are increasingly sophisticated, have been striking banks more frequently and target a greater variety of organizations with the passing of each year. As such, the source explained that the DFS has announced plans to increase risk assessments and reviews at banks in the state, as well as organizations that provide security for those institutions.
Interestingly, the report revealed that banks are following the best practices of security, at least within their policies, and that the diversification of technology has played a major role in the evolution of their strategies. However, Forbes pointed out that penetration tests were not conducted more than once a year by the vast majority of the banks that were surveyed in the DFS study.
Testing and vulnerability checks, as well as subsequent refinements to policies, are critical tenets of a sound security strategy, especially considering the rapidly evolving threats that face financial services organizations.
Gaining the necessary support
Business leaders in the financial services sector who have not yet considered leveraging more advanced security solutions should do so soon, as hackers are expected to continue to become more aggressive in the coming years. Banks have unique challenges ahead of them because of the higher prevalence of Distributed Denial-of-Service attacks, as well as poor user access management for online portals.
As such, executives must ensure that they are taking comprehensive and proactive approaches to data and communications security, deploying new protective solutions before a major threat rears its head.