Netwrix, a cybersecurity vendor that makes data security easy, announced financial market findings from its 2020 Netwrix Cyber Threats Report. Netwrix conducted this online survey in June 2020 to understand how the pandemic and ensuing work-from-home initiatives changed the IT risk landscape.
Of all the verticals the online survey analyzed, the financial industry exhibited the most drastic changes in cybersecurity priorities. Concern about VPN exploitation skyrocketed, with a whopping 94% of respondents naming it a top security risk. Worry about supply chain compromise also soared, from 50% to 97%. The number of organizations prioritizing deliberate data theft more than doubled, from 30% pre-pandemic to 70% now, while concern about accidental data sharing dropped from 80% to 50%.
Read More: Deutsche Bank Revamps Operations Platform for its Business Clients
Despite this increased concern about malicious activity, the most commonly reported incidents involved human errors: 48% of respondents had users fall for phishing attacks in the first few months of the pandemic, 31% suffered improper data sharing, and 28% experienced incidents caused by admin mistakes.
Other findings of the survey include:
- 30% of financial organizations feel they are at greater cybersecurity risk now than they were pre-pandemic. The majority (64%) are concerned about both more frequent cyberattacks and the security gaps caused by remote work.
- 14% of respondents reported a supply chain compromise since the pandemic began. Though this event is seen as a critical risk by nearly all financial organizations now, the victims were particularly slow in detecting it: 76% needed days, weeks or months.
- Insecure data sharing took the longest to detect: 51% required days to flag the incident, while 19% needed weeks and 11% required months.
“In the financial sector, concern about malicious access to sensitive data skyrocketed in the first few months of the pandemic, more so than in any other vertical. However, the majority of incidents at financial organizations during that period were actually caused by the human element. To minimize both malicious and inadvertent data loss, this industry should heed cybersecurity experts, who recommend combining regular end-user training with flexible solutions that can proactively identify and protect sensitive data and spot attacks before they become breaches,” said Ilia Sotnikov, VP of Product Management at Netwrix.