Outside or Internal Attacks, Which is the Bigger Cyber Threat to Financial Services?
Many financial service organizations pay close attention to security measures that can prevent outsider attacks while focusing less on internal threats. No organization likes to think their employees— either maliciously or mistakenly— will cause harm to their organization, but it’s a very real threat.
In fact, IBM and the Ponemon Institute estimated that in 2016, while 50% of data breaches were caused by malicious or criminal attacks, 27% resulted from system glitches and 23% from negligent employees. The balance shifted slightly in the most recent data from the 2017 study which said that 47% of all breaches in this year’s study were caused by malicious or criminal attacks, 28% from negligent employees, and 25% system glitches.
Year-over-year, the balance between outsider and internal cybercrime is neck and neck. So, should financial service organizations rethink their strategy?
What does the data mean?
Most importantly, these statistics reveal that data security strategies need equal protection against both internal and external threats.
Common insider cyber issues
Sometimes these attacks aren’t meant to be malicious, there are instances of glitches or mistakes that can lead to lost data. For example:
- Lost laptops with easily compromised files and folders
- Insecure login credentials that are easily compromised
- Weak infrastructure
While these harmless mistakes may make up a part of the internal threat, there are also more malicious objectives from employees that should be addressed as well.
Insiders, especially in the finance vertical, have access to sensitive information on a regular basis. These employees may also know how the information is protected and where vulnerabilities are. If your employees want to steal it or leak information for personal gain, they likely can do it with greater ease than outsiders.
Common issues for outside crime
Some of the outside crime can also overlap with vulnerabilities from internal negligence. To enter a network, cyber criminals usually need credentials of an internal member. Employees with weak passwords or companies with lackluster password policies may make it easier on cybercriminals. Some common methods and viruses’ hackers use to gain access to your site, software, or network include:
- DDoS attacks
Once inside the system, it can take anywhere from a few seconds to a few months before the attack is noticed.
Which is costlier?
Insider or outsider, there is no good way to be breached. They are both devastating. But is one more expensive than the other?
In general, according to IBM and Ponemon Institute, malicious attacks were more expensive on their face, “Companies that had a data breach due to malicious or criminal attacks had a per capita data breach cost of $236, significantly above the mean of $221. In contrast, system glitches or human error as the root cause had per capita costs below the mean ($213 and $197, respectively).”
Still, there are additional costs associated with internal breaches that are difficult to account for. What if your employee is selling secrets that now limit your revenue growth? How about the cost of attrition, hiring new employees and fixing your reputation?
Internal threats are certainly worth paying attention to.
How to protect your company from both threats
To effectively prevent data breaches, companies in the financial industry need to invest in the infrastructure and expertise to protect themselves. Here are a few tips that can be easily implemented:
- Consider hiring a Chief Information Security Officer (CISO), who is a trained and certified staff member responsible for developing, executing and maintaining a security and emergency incident response plans to ensure you are prepared in the event of a breach.
- Implement employee training on cybersecurity so they can be aware of the importance of password protection, and common schemes that cybercriminals use.
- Require safeguards like stronger password security, more complex passwords that are difficult to hack.
- Keep track of employee access levels and change them accordingly and frequently. Use systems for safe, secure document sharing and only provide access to employees who need it.
- Change passwords regularly and immediately after an employee leaves.
Learn more about how EZPD can complement your current cybersecurity efforts and protect your company both internally and externally.