Global research demonstrates the financial services industry has been hardest hit by cloud data security issues due to high-value data and volume of cyber threats
Skyhigh Security released the Cloud Adoption and Risk Report, Financial Services Edition, that explores how the financial services sector is navigating cloud security in an era of increased cloud adoption and opportunistic cybercriminals. The report is based on a subset of data from Skyhigh Security’s The Data Dilemma: Cloud Adoption and Risk Report, which provides a comprehensive look at cloud data security challenges across industries. The new findings show that while financial services firms — including banks, insurance companies, brokerage houses and credit card companies — tend to have the highest degree of security maturity, they also face the greatest threats, making resilient and agile cybersecurity programs based on Zero Trust essential.
“When we look toward the future, increasingly stringent compliance regulations for data and privacy — particularly in financial services — will add yet another layer of complexity to cybersecurity programs”
“The uptick in hybrid work has allowed employees to use different devices to collaborate from anywhere but has also created massive opportunity for cloud data threats. Coupled with Shadow IT and a cybersecurity talent shortage, there is a real sense of urgency for organizations across all industries to double down on their data security efforts,” said Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security. “These issues are particularly acute in the financial services realm, since cybercriminals motivated by monetary gain, or a political agenda, often target this sector. Now more than ever, financial services organizations need to be proactive and hypervigilant about their control of data and have clear ownership within their cloud security programs.”
Latest Fintech News: The Silent DAG Platform that Builds High-Utility dApps
Data security challenges on the rise with increase in cloud usage
The latest Cloud Adoption and Risk Report highlights just how rapidly organizations have embraced the cloud in response to the pandemic-fueled movement toward remote work. From 2019 to 2022, the average number of public cloud services utilized by financial services organizations jumped from 20 to 31 — an increase of over 50%. And although the financial services industry stores a similar amount of sensitive data in the public cloud as other sectors (61%), it skews toward storing more confidential internal information, such as employee records and payment card information.
Spotlight on how data is being used and safeguarded
Unfortunately, data in the cloud is often vulnerable due to unsanctioned cloud app usage by remote workers. Eighty-two percent of the financial services organizations surveyed in the report claimed that Shadow IT hinders their ability to keep data secure — in part due to a lack of skilled security staff who can track their organizations’ cloud computing trends. Ninety-six percent of respondents in financial services acknowledged these talent shortages as a problem compared to 92% of respondents across all industries.
However, financial service organizations demonstrated heightened awareness of strategies to monitor their data, such as cloud access security broker (CASB) solutions, for complete visibility and control of their data in the cloud — including both sanctioned and unsanctioned cloud apps. The sector also takes more precautions than other industries to reduce the risks associated with data loss by migrating users to IT-sanctioned apps, conducting regular auditing and implementing data classifications and policies to monitor and prevent data leakage.
Latest Fintech News: JPEX Announces Partnership with Hong Kong-listed Company, Synertone
“When we look toward the future, increasingly stringent compliance regulations for data and privacy — particularly in financial services — will add yet another layer of complexity to cybersecurity programs,” added Ramezanian. “However, as our report illustrates, there is a clear path forward for firms to comply with these regulations and not lose sleep over their data practices. The core takeaway is that organizations need to have an integrated approach to data security that is based on Zero Trust principles.”
The research presented in the report points to the advantages of a single-vendor data-aware Security Service Edge solution that converges multiple security services: CASB, Secure Web Gateway, Zero Trust Network Access and Cloud-Native Application Protection Platform. The findings suggest that IT decision makers look for a SSE solution with a single, centralized platform that simplifies cloud security and enables security teams to apply consistent data protection controls and policies across the web, cloud and private apps — from anywhere, any application and any device.
Latest Fintech News: Atomic and eCU Technology Partner to Bring Automated Direct Deposit Switching to Credit Unions
[To share your insights with us, please write to sghosh@martechseries.com]
