10 risks and cybersecurity strategies for banks in 2023

David R. McKnight, Timothy Tipton

Cryptojacking, AI-based attacks, ransomware, and phishing are among the threats for 2023. Specific cybersecurity strategies can help banks prepare.

Cyberattacks are becoming more frequent, and they’re costing companies more as well. The average cost of a data breach for a U.S. company in 2022 was $9.44 million, up from $9.05 million the previous year. As the financial services sector grows more digitized and the volume of electronic transactions surges, the industry is even more susceptible to cyber-based perils.

In 2023, 10 cybersecurity hazards in particular could cause significant disruption, but financial services companies can implement specific, proactive cybersecurity strategies to mitigate risk.

1. Ransomware attacks

Ransomware attacks are becoming more frequent and sophisticated, and financial services organizations are prime targets for cybercriminals. These attacks can cause serious harm to organizations, including sensitive data loss and operational disruption. Additionally, some organizations are forced to pay millions of dollars in ransom payments to threat actors.

Key prevention and mitigation strategies:

  • Apply multilayer security measures such as firewalls, intrusion detection, and prevention systems
  • Continually monitor and assess security practices
  • Update and patch software and systems on a regular basis
  • Encrypt data and devices
  • Provide employee security training and awareness programs
  • Create a detailed incident response plan
  • Implement strong backup and disaster recovery procedures

2. Cloud security threats

Cybercriminals are taking advantage of financial services companies’ increasing embrace of and reliance on cloud services, so cloud security controls are critical. Once threat actors gain entry to these cloud services, they target sensitive information, which they then alter, steal, destroy, or use to gain reverse access to the organizations’ internal networks.

The most serious vulnerabilities often stem from cloud misconfigurations, unrestricted cloud management platform access, and lack of visibility of cloud infrastructure. The resulting attacks can expose sensitive information, grind operations to a halt, and inflict substantial financial losses.

Key prevention and mitigation strategies:

  • Engage a cloud access security broker (CASB) that can provide an extra layer of protection between the cloud service and the organization's network
  • Work with the CASB to monitor and enforce security policies and provide visibility into and control over cloud use

3. Artificial intelligence and machine learning attacks

As fast as financial services companies are figuring out ways to apply artificial intelligence (AI) and machine learning to benefit their businesses, cybercriminals are also devising ways to weaponize these tools for more efficient cyberattacks. The automated and persistent nature of these attacks can make them especially hard to detect and defend against.

Some of the most frequent types of AI and machine learning attacks that financial services companies face include:

  • Adversarial attacks and data poisoning. In these types of attacks, threat actors manipulate input data or training data, causing machine learning models to produce incorrect results or behave in unintended ways.
  • Model theft. Cybercriminals steal a machine learning model and use it for malicious purposes.
  • Model inversion. Threat actors reverse-engineer a machine learning model to extract sensitive information.
  • Bias and fairness attacks. Cybercriminals manipulate data or models to create systematic biases or unfairness in the results from machine learning algorithms.

Key prevention and mitigation strategies:

  • Protect models through adversarial training specifically designed to test resilience to attacks
  • Regularly update and retrain models on adversarial responses
  • Encrypt data, both in storage and during transmission
  • Apply secure protocols such as HTTPS and TLS to prevent unauthorized access to data

4. Insider threats

Employees, vendors, and other individuals who have access to sensitive information can pose a risk to an organization – whether they intend to or not.

Insider threats can take various forms. Sometimes, individuals misuse sensitive information for personal gain, such as theft of confidential customer data or intellectual property for financial profit. But other threats come from more innocent and accidental actions, such as someone sending an email containing confidential information to the wrong recipient.

In just two years between 2020 and 2022, the number of insider threat incidents worldwide rose by 44%.

Key prevention and mitigation strategies:

  • Conduct thorough background checks on all employees and due diligence in vendor management
  • Provide regular security awareness training
  • Implement strict access controls to sensitive information
  • Lean on technology solutions such as data loss prevention tools and activity monitoring software

5. Phishing attacks

Phishing attacks trick individuals into disclosing sensitive information such as login credentials, financial information, and personal details. Increasingly sophisticated techniques and messaging have made these phishing attacks more effective and persuasive than ever.

The cost of a phishing attack can vary widely depending on factors such as the size and complexity of the bank or other financial services company, but the total financial impact to the organization can easily add up to a multimillion-dollar figure.

Key prevention and mitigation strategies:

  • Implement robust security solutions such as email filtering, multifactor authentication, and URL filtering
  • Train employees to recognize and report phishing emails
  • Provide additional training on topics such as safe browsing practices and optional security features
  • Build a well-defined incident response plan
  • Work closely with law enforcement to investigate any attacks

6. Legacy system attacks

Legacy systems are systems that have reached an end-of-life or end-of-support stage from the vendor, making them vulnerable to security threats. These older systems often lack defenses against the latest and most sophisticated threats to cybersecurity in banking, so organizations that use legacy systems risk security breaches and data loss.

Spending on legacy systems can drain IT resources, too. Between 2010 and 2020, about three quarters of IT spending by corporations and governments worldwide went toward operating and maintaining existing IT systems.

Key prevention and mitigation strategies:

Banking leaders and their cybersecurity teams must work together to address the problems of legacy systems.

  • Assess the organization’s technology landscape
  • Devote the necessary resources to modernize systems

7. Cryptojacking

Cryptojacking occurs when a cybercriminal gains unauthorized access to an organization's computing resources and uses them to mine crypto assets.

These attacks are becoming increasingly prevalent, and the impact of cryptojacking on an organization's systems can add up fast. Cryptojacking can cause substantial performance degradation, eat up resources, and lead to slowdowns. In addition, the criminal's theft of computing power and electricity can result in higher utility and technology costs.

Key prevention and mitigation strategies:

Organizations need to take proactive measures against cryptojacking threats.

  • Implement robust security measures
  • Regularly monitor systems for signs of suspicious activity

8. Internet of things (IoT) security limitations

In the past few years, more financial services companies have woven IoT devices into their infrastructure and operations. As a result, IoT is rapidly transforming how financial services organizations function, from point-of-sale systems to smart locks, wearables, building automation systems, and mobile devices.

However, this rapid proliferation has also created new cybersecurity risks that organizations must address. Despite the widespread adoption of IoT devices in the financial services industry, these devices often come with few security measures. Many devices lack basic security features such as encryption, authentication, and access controls. These security limitations make some IoT devices a soft target for cybercriminals.

Key prevention and mitigation strategies:

  • Assess where IoT is being used within the business
  • Limit access of IoT devices to the information and systems needed to perform their functions
  • Build a comprehensive plan to manage and secure all IoT devices

9. Supply chain attacks

Cybercriminals often explore supply chains and exploit the weakest security link by compromising software, hardware, or other system components before information gets delivered to the end user. The results of these attacks can be devastating, with consequences ranging from data breaches and theft of sensitive information to disruption of operations.

In 2022, the average cost of a supply chain attack was $4.4 million, and the average life cycle of an incident for U.S. companies lasted 303 days – 26 days longer than the global average.

Key prevention and mitigation strategies:

  • Perform due diligence and risk assessments for all suppliers
  • Apply secure software development practices
  • Create a strategy for regular monitoring and detection of potential supply chain risks
  • Consider using only secure hardware, software, and services from trusted suppliers
  • Implement secure configurations and access controls
  • Build an incident response plan that identifies critical assets, establishes clear roles and responsibilities, and outlines contingency plans

10. Blockchain security gaps

Blockchain technology has revolutionized the financial services industry, but it has also created new security risks.

Blockchain networks contain multiple elements that companies must manage and secure, including the underlying infrastructure, the cryptographic algorithms and protocols used to secure transactions, and the consensus algorithm used to validate transactions and maintain the integrity of the blockchain. Smart contract security represents another critical concern, as blockchain networks use these contracts to automate transactions and enforce rules.

Key prevention and mitigation strategies:

To bolster the security of blockchain-based systems in the financial services industry, banks must regularly evaluate the overall security of these systems and their components.

  • Conduct security assessments and testing to identify potential vulnerabilities
  • Implement remediation measures for any identified issues

As cyberattacks become more frequent, intricate, and dangerous, it’s critical for financial services companies to stay ahead of the curve in terms of cybersecurity.

David R. McKnight
Principal, Financial Services Consulting
Timothy Tipton
Financial Services Consulting