News

Department of Financial Services seeks to tighten New York bank security

Recently, the Department of Financial Services released a report outlining the current state of cybersecurity within the banking and financial industry. The DFS' research illustrated the rising data protection risks that banks, credit unions and all firms in the financial sector face, including malware infection, hacking and cybercriminal activities. Furthermore, the report showed that these threats have only been increasing in the past few years.

Report findings
According to Finextra, the DFS conducted a survey of 154 financial institutions to get a better understanding of the current security and threat environment. Researchers found that the majority of banking organizations have been the victim of malware infection, or have experienced an attempted malware attack during the previous three years.

General malware attacks infiltrated 22 percent of survey participants and 28 percent saw phishing or pharming attacks. Furthermore, as the adoption of mobile banking apps rises, this also becomes a new attack vector for cyberthieves. The report noted that 15 percent of respondents experienced an attack on their mobile banking platform.

Currently, 90 percent of banks have security measures in place within their infrastructure designed to prevent attacks of this kind. However, the report found that this type of security framework was less common with smaller banks. This trend may shift in the near future, though, as more than 75 percent of respondents noted that their data protection budget has increased in the past three years and will continue to grow in the upcoming three years.

Upcoming financial firm assessments
In response to the report, Governor Andrew Cuomo released plans to have the DFS assess the security measures of New York's banking facilities, reported Finextra.

"With today's growing cyber threats we need to make sure New Yorker's finances are protected from online predators," Cuomo said. "Targeted cyber security assessments for banks will better safeguard financial institutions from attacks and secure personal bank records from being breached."

The additional investigation will come during regularly scheduled DSF examinations and will require firms to answer additional questions pertaining to their IT management and governance practices, their processes for incident response and event management. Banking organizations will also have to provide information about network security, access controls, vendor management and disaster recovery plans.

Security tips for the financial sector
The DFS report found that no matter the size of the banking institution, most leveraged several of the same security measures.

"Irrespective of size, the vast majority of those quizzed use security technologies such as anti-virus software, firewalls, server-based access control lists, intrusion detection tools and encryption," Finextra stated.

However, their information security efforts should not end there. Bank Info Security advised looking to the requirements connected with industry compliance to guide protection efforts. Security expert David Schneier noted that these measures are vital to protect customers' and bank members' personal data as well as the assets belonging to the bank.

Inetsolution also recommended utilizing best practices including robust password and authentication measures, real-time transaction alerts and additional client-facing security protocols.

Protect data in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

Buy now! Try now!