Ransomware a Growing Problem for FinServ Organizations, Says Thales

Ransomware a Growing Problem for FinServ Organizations, Says Thales

Ransomware a Growing Problem for FinServ Organizations, Says Thales

Threat actors have reportedly eased pressure on financial services organizations as data breaches have declined, according to Thales.

In his 2024 Data Threat Report for Financial Services Organizationsthe French multinational revealed that the proportion of financial service providers (FinServ) fell from 49 percent to 39 percent.

Additionally, recent breach history has also more than halved since 2021, from 29% to 14%.

However, ransomware remains a major problem for the industry, with the report revealing that ransomware attacks against FinServ organizations continue to grow, with almost one in five (18%) experiencing an attack.

Thales also found that the industry is underprepared for cyberattacks, with many saying they don’t have a plan or aren’t following one.

Only a quarter of those surveyed said they would follow a formal plan in the event of an attack. Likewise, the same percentage of respondents had a ransomware response plan, a concern for the remaining 75% as regulations require them to have a plan in place.

Additionally, 5% of FinServ organizations resolved a ransomware attack after paying the ransom, while 9% said they would pay a ransom in the event of an attack.

“A mix of sensitive, high-value data and strict compliance regulations means ANZ financial services organizations tend to be more advanced than other sectors when it comes to security and overall cybersecurity. While compliance obligations remain one of the industry’s biggest challenges, our research indicates that compliance outcomes drive better security outcomes, leading to fewer breaches,” said Erick Reyes, Director ANZ of data security at Thales.

“As new regulations such as APRA’s CPS 230 come into effect over the next year, FinServ organizations must remain proactive, in control and on top of government and industry requirements.

“What is concerning when we look at new threats from technologies like generative AI and even quantum computing is the general lack of preparedness. Three out of four organizations worldwide have yet to have a formal plan in place in case they fall victim to a ransomware attack. Others continue to struggle with the complexities of securing their assets in the cloud, as well as integrating security into their development and operational processes.

“In environments where critical workloads are hosted and IT and operational technologies are hosted [are] As we continue to converge, cybersecurity strategies focused on comprehensive DevSecOps programs, robust cloud security, and access management are essential to address a sophisticated and rapidly growing threat landscape.

The report shows that lack of regulatory compliance and preparedness is closely linked to data breach. Eighty percent of those who failed a compliance audit in the past 12 months had “one violation in their history.”

Of those who have not failed an audit, only 15 percent have a history of violations, and 3 percent within the last 12 months.

CNET published AI-generated stories. Then his staff pushed back

CNET published AI-generated stories. Then his staff pushed back

Twitter's encrypted DMs are profoundly inferior to Signal and WhatsApp

Twitter’s encrypted DMs are profoundly inferior to Signal and WhatsApp

Leave a Reply

Your email address will not be published. Required fields are marked *