As you may know, cyber crime is a predominant issue in the finance industry. As a result, companies in this industry are at an increased risk of experiencing some form of cyber attack. Why is this the case? What can these companies do? Find out the answer to these questions and much more in our latest blog:
What We Know:
- The money potentially involved is seen as a huge reward.
- The personal data stored by these companies is invaluable. They want to get their hands on these files.
- Easy target. Whether this is due to a severe lack of protection (firewalls, anti-virus etc.) within these companies or untrained members of staff falling victim to a Cyber Attacks, the Financial industry is heavily targeted by cyber criminals.
As a slightly separate but related note, since the introduction of GDPR almost two years ago, it is worrying that many are still suffering security incidents and not ensuring compliance with the data protection regulation. As you may know, failure to comply with GDPR can result in a fine of €20m or 4% of the turnover, whichever is the largest figure.
What the Research Shows:
“70% of financial companies suffered a cyber security incident in the last 12 months
- Nearly half (43%) of security incidents within the financial sector are caused by employee failure to follow company data protection policies.
- Other key causes of security incidents include introduction of malware and viruses via 3rd party devices (32%), file and image downloads (25%) and employees sharing data with unintended recipients (24%).
- Financial organisations rank data loss prevention technology as number 1 area of investment, ahead of database security and regulatory compliance.”* – Research from Clearswift.
If you are yet to take any significant measures to improve your Cyber Security defences against today’s landscape, now is the time to act. The financial services industry will only continue to be heavily targeted. Having the attitude that “it will never happen to me or my business” can be a costly one.
What Can You do Immediately?
Train Your Staff
Do not do this simply once a year and think that is sufficient. Cyber criminals are regularly changing and updating their techniques. Stay up-to-date with their methods and instruct your staff. After training them, put them to the test. How?
One method that has been a huge success for several companies has been setting up a Phishing Email Security Test. See how many of your employees will fall for a fake phishing by simulating a phishing email and see the results. Get in touch with the Sweethaven team for more info on how to set this up.
Upgrade & Update
The two most important and simple words to follow: Upgrade and Update. Regularly update software used by your company so that it has the latest security patches. Are you still on Windows 7? We strongly recommend updating to Windows 10. Read more: Windows 7 End of Life (EOL) – Why You Need To Move to Windows 10
Upgrade your machines and any other tech that is getting old. Old, slow and faulty machines are more exposed to cyber crime, especially those in which it is impossible to update software being used.
Assess Security & Implement Necessary Adjustments
Never be satisfied with your security. Just as cyber criminals are always looking for new methods to attack, you should be proactive and looking to improve where possible. Unsure where to start? What to improve? Want advice in general? The Sweethaven team are here to help.
We are currently offering local companies a Free Audit to visit you and your company and perform an initial assessment, evaluating what you are currently doing, not doing and any areas for improvement. Enquire with the team to book today or find out more.
Sweethaven 360 Security Audit
The Sweethaven team has undertaken a series of assessments to ensure the team here has the highest possible level of knowledge and awareness around GDPR and cybersecurity to best support and advise our customers in the required adaptations to the way both their people and their systems work. Government accredited qualification has also provided a badge of reassurance that Sweethaven has implemented the best possible measures for security of the data that we control.
Following an intense 7-month period of training, Sweethaven are now fully accredited as an IASME Gold and CyberEssentials assessment body. Contact us to find out more.
You can also download our free Cyber Security Checklist and evaluate yourself and your company. Where can you improve? Let us know!
01737 247 090
* Full blog from Clearswift can be read here.