The Financial Sector Remains Key Target for Criminal Masterminds of Cyberattacks As the number, frequency and severity of cyberattacks continues to escalate, the financial sector remains a key target for criminals: it’s where the money is. “The global network of cyber criminals, the digital underground, is becoming more sophisticated in going after institutions with large amounts of cash and wealthy clients,” says security expert Eli Dominiz. “If you are in wealth management, the question is no longer if your firm will be targeted, but when.”
With smarter technology tools and techniques, the criminal underground is actively searching for vulnerabilities in your system 24 hours a day, he says. “Even if you think your security is strong, in looking for a hole to get in, criminals only have to get it right one time. You have to get it right 100 percent of the time.”
Mr. Dominiz, CEO of Q6 Cyber, is focused on helping companies fight cybercrime by taking a pro-active, rather than reactive approach to data protection. As a featured speaker at the 2016 Florida International Bankers Association (FIBA) Wealth Management Forum, May 5-6 in Miami, his presentation, “How the Criminal Underground is Targeting the Financial Sector and our Brokerage and Retirement Accounts,” will give forum attendees a closer look into data protection challenges facing the industry today.
“The criminal underground is business oriented, and interested in a high rate of return for their efforts,” he points out. “The significant amount of money concentrated in the wealth management sector presents an attractive high yield for low risk opportunity for cybercriminals.”
Within the atmosphere of ongoing attacks and hacktivism, Mr. Dominiz urges industry professionals to shift their focus in being proactive by deploying the best IT protections, employing threat intelligence, implementing industry best practice procedures and rigorously training employees.
“Cybersecurity is about risk management,” says Mr.Dominiz. “To reduce risk, you have to evaluate three things: your technology, your policies/procedures, and your people. A mistake in any of these areas can open the door wide to an attack. User behavior is important. Humans are the weakest link in the security chain.”
Insider threat is a big component of cybercrime, with 30-40 percent of all security breaches attributable to insider actions, whether malicious or unintentional. The 2014 attack at JPMorgan, a stunning incident that placed 83 million individuals and small businesses at risk, was traced back to a single employee log-in which extended the consequences beyond financial losses. The Panama Papers breech and the Ashley Madison collapse demonstrate the scale and far-reaching impact of a single security fail. “One attack can destroy reputations and shut down an entire company, with reverberations throughout the employee and customer network,” says Mr. Dominiz. “An attack on your firm is going to happen, and when it does, you need to be ready with a response plan. Once you have been attacked, it is too late to start planning ways to contain the damage and protect customers.”
Criminals operating within the digital underground use a multitude of diversionary tactics that can send up warning flags to an alert company. Denial of Service attacks, for instance, are designed to keep a firm’s IT department scrambling while the criminals invade the network.
“Stay aware of what is happening in your industry,” Mr. Dominiz advises. “The criminal underground shares information, and so should you. Forums such as the 2016 FIBA Wealth ManagementForum are increasingly important for heightening awareness and for educating the industry on criminal activities, while providing a platform for both informal and formal intelligence sharing. When companies collaborate there is a much better chance of defeating crime. FIBA facilitates the exchange of best practices and helps develop formal mechanisms to increase collaboration.”
FIBA’s Wealth Management Forum, a well-developed tradition that brings together the leading practitioners, solution providers and other industry specialists, convenes May 5-6 at the Ritz Carlton Hotel in Coconut Grove. To register, or for more details visit http://www.fibawealthmanagement.com/ or contact Belkis Lopez at blopez@fiba.net or via phone at 305.539.3745.