From “The Italian Job” to “Point Break”, “Bonnie and Clyde” to “Baby Driver”, many of the most popular heist movies are about bank robberies. As it is in fiction, so it is in fact; when bank robberies happen, they are the source of interest, intrigue and
impact. And as the majority of the world’s financial information lives and moves online, modern day bank robbers have made their way there, too.
For many financial services institutions, competitive advantage lies in the ability to move large volumes of data between public and private cloud services and applications in as agile a way as possible. This near-constant state of flux is necessary in order
to meet customer performance expectations and drive real-time innovation.
However, while increased agility is at the heart of opportunity, it also places an unprecedented security strain on an industry which constantly needs to find new ways to protect itself and its customers.
Keeping pace with a constantly evolving cyber landscape
IT infrastructure has come a long way. The growing adoption of SD-WAN is a prime example of this, helping organisations to increase efficiency and enable digital transformation. But for every advancement in IT, businesses have to develop cybersecurity strategies
to match – all while grappling with savvy criminals always on the lookout for potential weaknesses.
As a result, the modern threat landscape is varied and growing. Whether it’s threat actors exploiting SD-WAN vulnerabilities, coordinated phishing campaigns, rogue employees, Trojan malware, or lone wolf hackers-for-hire, cyber-attacks and data heists now
pose a huge threat to the economy of the financial services sector.
According to IBM’s 2019 Cost of a Data Breach Report, the average total cost of a data breach in the UK is upwards of $3.85m. The interests at play in each of these breaches are varied, but range from a sale on the dark web to alleged political manipulation
at a grand scale. While the Cambridge Analytica Facebook data scandal is hard to quantify in monetary terms, others are more concrete. In 2018, seven UK retail banks, including Barclays, Santander and Royal Bank of Scotland, were forced to shut down or limit
their systems after hacks that cost them hundreds of thousands of pounds to fix.
Creating safety in numbers
Financial services have to keep evolving, whether it’s offering 24/7 account access on the go, or driving forward new innovations in payments. However, it’s also crucial to underpin a seamless customer experience with cybersecurity systems to match. Investing
in the right tools plays a huge part in this, whether that’s firewalls, security tokens, or anti-virus programmes.
But vulnerabilities remain. The financial services industry needs to look a little wider, and explore how organisations can collaborate (rather than compete) with each other to tackle threats. In doing so, they can create safety in numbers – sharing knowledge,
spotting threats and developing solutions faster. And, in the age of Open Banking, ensuring a consistent security posture across the broader data ecosystem.
Some are already making strides towards this, and proving the benefit of a unified approach. In the US, initiatives such as the National Cyber Investigative Joint Task Force (NCIJTF) combine law enforcement efforts alongside the private sector to confront
criminal behavior in cyberspace, notably in the financial sector.
In the UK, a similar initiative took the form of the Financial Sector Cyber Collaboration Centre. Through this, several banks, securities exchanges and insurance firms have come together to fight cybercrime, and collaborate with the National Cyber Security
Centre (NCSC) and National Crime Agency (NCA), in a faster, more coordinated way.
Interoperability for the win
The appeal of taking a collective approach to tackling security approach is clear. However, there’s still work to do – particularly when it comes to giving security experts more clarity between the multitude of products and services on offer; including access
control, data confidentiality, privacy, and breach prevention.
What’s more, there’s the added complexity of products from different vendors not necessarily working effectively with each other – so businesses must also try and prioritise investments in tools that support, not impede, collaboration. Information must be
easily and safely shared and the various tools must work together.
When these parameters are in place, an organisation can get the best possible protection for its individual needs, whether across endpoint, network firewall, or cloud environments; while still gaining access to the shared knowledge of multiple cybersecurity
firms working together to detect threats. This approach offers safety in numbers – and for financial services, it may well be the future of protection.