Banks are high on the priority list for cyber-criminals as they have lots of money – and data. However, trying to ensure high levels of security often leads to increased complexity. Big banks – especially those with a history of mergers and acquisitions (M&A) - suffer from multiple legacy systems knocked together over many years. Just trying to understand those systems and ensure their information is kept safe is a massive task.

Open Banking, with its emphasis on data sharing between customers and vendors, has the potential for third party risk in the context of API management. In fact, third party risk was one of the top three issues outlined in a recent FS-ISAC report, along with the rise of rogue states and cyber-criminals and the rise in cross-border attacks. Cyber criminals test their attack in one country before hitting multiple continents, as shown by a recent distributed denial of service (DDoS) extortion campaign targeting over 100 financial institutions.

And the situation is not getting any easier.

• The IMF reckons cyberattacks are leading to $100 billion in losses to financial institutions.
• Since the pandemic started, the US FBI reported a 300% increase in reported cybercrimes with 82,000 new malware threats released every day.
• Cybercrime will cost the world $6 trillion this year, up from $3 trillion just a year ago.
• Ransomware increased by 435% in 2020 and the average ransomware payout is $234,000 per event. It’s estimated ransomware cost $20 billion in 2020 (versus just $8 billion in 2018).
  

Verizon’s annual data breach report notes that:

• 70% of breaches were from external actors (however, one insider attack could potentially cause ten times the harm of an external attack, depending on the nature of incident)
• 70% of breaches were against on-premise assets; cloud assets accounted for 24%
• 22% were due to human error - the same as due to social engineering as a tactic across the same dataset.
• Only 50% of all reported vulnerabilities are actually patched in the first quarter after discovery; IT teams that don’t patch in the first quarter after discovery are less likely to ever patch at all.

Last September the US Treasury Financial Crimes Enforcement Network was breached. Large amounts of anti-money laundering Suspicious Activity Reports were leaked which contained sensitive information provided by banks. In August 2020, hackers brought the New Zealand Stock Exchange to a standstill for two days via a DDoS attack.

In our client work we find that most financial institutions operate Microsoft technology within their internal ecosystem. From desktops to server operating systems - even the databases where customer data is processed. These often integrate with other non-Microsoft solutions but the foundational access controls are Microsoft-based in some form. Getting the most out of such investment – and securing that environment - is critical.

Keep it simple
Here’s one way to reduce the complexity: optimize your portfolio. Business growth, M&A activities and other pressures for rapid solutions have led to rapid application sprawl, organizational silos and legacy tools from third parties. This leads to high TCO, a fragmented technology ecosystem and ‘islands of data’. Portfolio optimization reduces operating costs and TCO, simplifies technology architecture and platform admin, improves security compliance, enhances user experience and gets the right balance between standardization and flexibility.

For one of the largest retail and commercial banks we helped decrease TCO and reduce server infrastructure, as recent mergers had created disparate systems. We developed a detailed process designed to scale for multiple Active Directory migrations, including 10,000 servers in 400+ domains. This resulted in $9 million hardware and support savings with a new Active Directory centralized model.

Get the latest insights and advice on how Avanade can help banks improve their security posture.