According to a recent State of Ransomware in Financial Services report, 65% of financial services organisations were hit by ransomware in 2024. The report concluded that the most common entry method of ransomware attacks for this sector was compromised credentials, which were used in 30% of attacks, with exploited vulnerabilities coming in second at 27%.
Entrusted with billions of personal data records, financial institutions face a relentless barrage of cyber threats amplified by the proliferation of digital systems and software.
A cyberattack has the potential to disrupt essential services, jeopardise day-to-day transactions, and ultimately undermine customer confidence in the business, as highlighted by Espria solutions architect, Brian Sibley.
On this, Sibley said: “With the concerning increase in reported cyber incidents in the past three years, it’s crucial for firms, particularly those in the finance and professional services sectors, to build long-lasting cyber resilience strategies and better protect themselves from intruders.
“Through risk-based prioritisation and reliable technology, these organisations must ensure they can manage and reduce the attack surface for bad actors to strike, otherwise, they may find the risks of rapid technology adoption outweigh the benefits.”
The Digital Operations Resilience Act (DORA), which will take effect in January 2025, will further emphasise the need for financial entities to strengthen their IT security and remain resilient during disruption.
Sibley continued: “The new regulations call for specific security measures to establish a harmonised cyber framework consisting of strong baseline cybersecurity such as approved written cybersecurity procedures, continuous vulnerability assessments and Risk Management.
“Financial institutions must balance maintaining the risk-based approach while raising the bar to address weaknesses observed in prior cyber incidents. Sourcing a reliable MSP to shoulder operational burdens can resolve this for firms struggling to streamline these advanced technologies.”
Many financial and professional services organisations will already have several risk management measures set up, but it can be easy for IT teams to get caught up in managing complex IT environments rather than ensuring all systems are compliant and working to ward off threats effectively.
Having recently been recognised by Sophos as one of the year’s top-performing channel partners and distributors, Sibley reiterated the effectiveness of managed service providers, such as Espria, who can help the financial and professional services sector to streamline security operations to give way for more effective asset protection.
Sibley added: “As the leading managed service provider of Sophos products working with small and medium sized businesses in the UK, the value we can provide for the financial industry cannot be understated. From implementing or assessing the effectiveness of their compliance positions to providing the right solutions for better risk management and resilience, the right partner can help firms identify any existing gaps and allocate the appropriate resources for compliance.”
“Financial institutions can cover any cybersecurity blind spots by adopting managed services to monitor and provide detailed insights into every aspect of their digital ecosystem. Firms can choose to implement the services they require when needed and avoid the costly downtime that comes with getting new solutions up and running, without compromising on expertise. As a result, firms can optimise their technology spending and operations under a single, securely managed umbrella.”
Sibley concluded: “Cyberattacks remain a significant threat to financial services organisations of all sizes. With the new DORA regulation, increased regulatory harmonisation will require updated or new systems to be adopted for survival. Firms must be proactive rather than reactive to keep pace with the changing landscape.
“With the necessary experience of navigating these challenges, MSPs such as Espria can be specialised partners providing the right solution without large-scale IT overhauls and cost overruns. Embracing a renewed commitment to prioritise cybersecurity and threat mitigation will allow financial institutions to protect their assets while paving the way for an efficient and responsible future in the digital age.”
“Financial firms are urged to adopt a proactive approach to cybersecurity resilience” was originally created and published by The Accountant, a GlobalData owned brand.
The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.