Industry Focus: FINANCIAL & INSURANCE
Information Security insight and trends affecting the Financial and Insurance Industry
The Financial and Insurance sector remains a top target for cyber criminals and the financially motivated organised criminal element, primarily due to the kinds of data it collects from its customers. Despite the threats posed by cyber criminals and other external actors, 2020 saw employees’ mistakes account for roughly the same number of breaches as those inflicted by external actors.
Hit... and Misdelivery
Misdelivery (sending information to the wrong person), continues to present a real challenge for organizations in the Financial and Insurance sector. This can be with electronic data, such as an email sent to incorrect recipients, by autofill in the “To:” field or via mass mailing that is incorrectly addressed.
How is this best remedied?
Security Awareness and Training Program
Whilst there are technical measures that can be implemented to help reduce this risk, the education of employees (both on malicious attacks and the accidental breaches) is also vital in reducing the risk further.
Many organisations look at Security Awareness primarily to address specific compliance or audit requirements, but enhancing the Security Awareness program to promote awareness and encourage longer term behaviour change will have a greater impact.
There are approximately 15 billion phishing emails sent per day; almost half of those target or impersonate financial institutions.
With social engineering attacks and phishing attempts still increasing, they remain the key contributors to CEO fraud and frequently result in authorised push payment fraud.
Authorised push payment fraud (APP fraud) is a form of fraud in which victims are manipulated into making real-time payments to fraudsters or cyber criminals, typically by social engineering attacks involving impersonation and phishing.
CEO Fraud is a scam in which cybercriminals spoof company email accounts and impersonate executives to try and fool an employee in accounting or HR into executing unauthorised wire transfers, or sending out confidential tax information.
We work with a number of organisations across the Financial and Insurance Sector and would be happy to discuss how we could support your business.
Please contact us for more information.