HK financial sector to remain a top target for cybercriminals

HK financial sector to remain a top target for cybercriminalsThe financial services sector is likely to remain a top target for cybercriminals in 2017 due to the sensitive nature and value of financial data the industry holds, security vendor Fortinet has warned. The company predicts attack to continue growing in complexity and number.

“The financial industry continues to be a prime target given the sensitive nature of its data that is extremely valuable on the online black market. Cybercriminals are also capitalizing on new ways to exploit increasingly complex network environments in FSI and developing new techniques to bypass security and evade detection,” said Cherry Fung, Country Manager, Hong Kong, Macau and Mongolia, Fortinet.

She suggests the industry to prepare to better detect and mitigate threats in order to protect their organization. The company lists its 2017 top 5 cybersecurity threat predictions for the financial services industry in 2017 as including:

1. Further Securing the Cloud

Information security tops the lists for reasons why financial institutions hesitate to move data to the cloud. Recently some large FSI organizations have moved part of their service offerings to public cloud service providers like AWS and Rackspace.

As cloud adoption grows across the industry in 2017, organizations need to ensure the data being passed to the cloud is put through the same scrutiny as all other data. Visibility into that data needs to be maintained, and security policies and enforcement must be applied consistently regardless of the location of that data. Expect to see cloud security solutions continue to evolve and make protection simpler and more effective.

2. Two-Factor Authentication (2FA)

In 2016 a number of the data breaches that impacted large banks involved the theft of traditional login and password information to conduct fraudulent transactions.

To better combat this existing problem, 2FA offers an additional layer of defense in 2017. 2FA combines passwords, which the user already knows, with another type of authentication that is connected to something the user has, for instance a One-Time PIN (OTP) sent to their mobile phone.

This solution keeps traditional login and security measures in place while giving customers (and financial organizations) stronger security when managing sensitive financial transactions.

3. Securing the IoT 

The insurance industry is already relying on the internet of things (IoT) to align driving behavior with premium rates by leveraging data from in-vehicle telecommunication devices in some countries. The banking industry is expected to improve the experience for retail customers with IoT initiatives like personalized customer rewards.

Regardless of how the data is being accessed and shared, it must be secured in order to protect customers. Financial services organizations should control network access, segment traffic, and invest in solutions that can help them manage the complex nature of today’s cybersecurity landscape.