"Senior IT decision makers within the industry have undoubtedly had it particularly hard since the pandemic started. But the finance sector needs to make cybersecurity a top priority."
The strain on IT teams throughout the pandemic is taking its toll when it comes to cybersecurity best practice. The majority (79%) of IT decision makers at financial companies have done at least one thing to compromise their company's security over the past year. More than 2 in 5 (44%) have kept a cybersecurity attack affecting their business to themselves, with a similar figure re-using an existing password at work (39%) or using easily-guessable login credentials such as ‘password’ (38%). The consequences of bad habits are showing, as nearly two-thirds (63%) of IT decision makers admit the time taken to respond to a cyberattack has increased over the last 12 months, with a worrying 59% admitting they are not addressing the gaps in their online security.
An overwhelming 89% agreed that an independent, nationwide body would be an effective way to hold businesses accountable while reducing the level of cyberattacks aimed at the financial sector. Additionally, 94% agree that businesses should be legally required to have basic cybersecurity protections in place before being allowed to operate or trade.
Darren Guccione, CEO and co-founder of Keeper Security, commented: “The UK’s finance sector is a lucrative target for cybercriminals given the wealth of data it possesses. The frequency, intensity and severity of attacks we’re seeing is cause for immediate action. Senior IT decision makers within the industry have undoubtedly had it particularly hard since the pandemic started. But the finance sector needs to make cybersecurity a top priority. Otherwise, there is a real risk that even relatively unsophisticated cyberattacks will cause serious harm and cripple organisations. Ransomware-As-A-Service is fueling an exponential increase in these attacks.
“At least for now, the UK finance industry must do more to protect itself against cyberattacks. The reality is that there is no silver bullet in the fight against all cyberattacks. However, there is a lot that financial organisations can do to start addressing the issue quickly and efficiently. The simple act of protecting a company's passwords, for example, can go a long way in preventing most of these attacks from succeeding. But the key here is to move at pace, otherwise organisations in the finance industry will continue to be an easy and lucrative target for cybercriminals."