Written by Kamal Srinivasan, SVP, Product and Program Management at Parallels (a-sub brand of Alludo)
As technology advances and cybercrime continues to evolve —data security becomes more important and more challenging than before. Fortunately, the market for cyber security solutions is changing. Perpetrators are constantly using new tactics to gain access to systems and improve as well as to try and keep ahead of the security threats. According to a recent study, 41% of organisations across numerous sectors reported security breaches within the last 12 months. So, in this modern world of evolving cyber threats and advancing security solutions to thwart them, what is the current state of cybersecurity and what are global financial organizations’ main goals and future challenges?
To better understand the current state of cybersecurity, a primary research survey was recently conducted—by Alludo in partnership with Qualtrics. The poll consisted of nearly 500 IT professionals responsible for cybersecurity at large international companies across various sectors. The study explored where business users are focusing their efforts and highlights the challenges they face. In addition, the study investigated how the cybersecurity market is evolving and in which new technology investments are being made.
The Current State of Data Security
In light of the emphasis organisations are placing on security, it shouldn’t come as a surprise that a significant majority – 86% – of those surveyed reported that security was extremely important to their companies. While most of the respondents rated their current security as at least adequate, 64% reported that malware and ransomware attacks were of primary concern, at least from an external threat perspective. As financial institutions become increasingly reliant on technology, the threat of cybersecurity threats increases. Especially as those outside financial institutions have more access to internal data due to the cloud.
While these stats may not come as a surprise, what was particularly intriguing is how 42% of respondents reported that cloud vulnerabilities were second on the list of security threats with outside origins. With cloud adoption growing in popularity at such an astonishing rate, this stat confirms that savvy security and IT professionals are taking security in the cloud into account. Just as in other sectors financial institutions are delving more into the cloud as employees embrace more of a hybrid approach and customers demand more of a contactless approach. Consequently, financial institutions are increasingly putting more importance on cloud security.
Social engineering and stolen or compromised credentials were also prominent concerns among respondents, as well as internal threats tied to human error such as weak passwords or employee negligence. Where previously institutions such as banks would only have to worry about external threats, increasingly due to the increased adoption of hybrid workflows, there are increased fears about internal threats.
Organisations planning to increase budgets for security
With all the potential security threats out there, the study found that organisations worldwide plan to increase their security expenditures, with 78% reporting that they will increase their security budgets moderately or significantly in the coming year. This may or may not be connected to the rapid adoption of the cloud or the fact that remote work is here to stay. Unfortunately, it is all too common that IT and financial organisations have been impacted by some type of cybersecurity event, often related to cloud vulnerabilities and/or remote access. So, there’s no denying the fact that IT professionals are putting cybersecurity at the forefront of their minds — and budgets.
Despite the doom-and-gloom of the internal and external threats organisations such as investment firms and banks are facing, the study found that a majority of the respondents exhibited a certain amount of confidence, with 64% stating that they did not expect a security breach in the coming 12 months and 59% saying they did not experience a security breach during the previous year. This confidence could be the result of having proper security solutions in place since 88% of respondents reported their current security solutions are either very strong or somewhat strong. With today’s reality of hybrid and remote workers, a secure solution for accessing work applications regardless of their location is critical.
The Usual Suspects
In addition to having confidence in the proper security solutions, financial institutions can also draw encouragement from knowing the top internal and external cybersecurity threats. After all, the battle is easier once you know what you’re up against. Though the development of technology seems to be accelerating year after year, the causes of security threats somewhat stay the same. Reports featuring leading security professionals found that the top internal data threats were human error (55%), weak passwords or poor password hygiene (51%) and mobile device vulnerabilities (38%).
When it comes to top external data security threats malware and ransomware attacks (64%), cloud vulnerabilities (42%) and phishing attacks (38%) were the leading causes for external data threats. As we venture further into 2023 and even into the first quarter of 2024, it is unlikely threats will change. However, these attacks may become more potent and targeted at organisations’ weak points.
Empowering IT Professionals with Future-Proof Security in 2023 and Beyond
As cloud solutions and platforms continue to grow and more employees are using their own devices, a secure workspace with access to company data and applications is essential. Organisations across all sectors need to be able to make intelligent and strategic decisions about the security solutions they need and then apply those technologies in a way that deals with the core issues that enable flexibility and choice of decentralized IT.
It’s clear that organisations are seeing many benefits from putting in place the necessary tools to keep their organisations safe from evolving security threats. While many claim to be at least somewhat satisfied with how their security strategies and applications are performing, there is always room for improvement. The truth is IT professionals must ensure that their organisations are protected from the cybersecurity threats facing them. With remote and hybrid work becoming an integral part of the new work culture, IT administrators need to be focused on providing a digital workspace that offers secure access to company data and resources while ensuring productivity no matter how, when, and where the employees are working in 2023 and beyond.
