Financial services firms increasingly operate online and rely on internet availability to communicate information in real time. These days a good digital experience is central to a brand’s success. However, this shift has brought with it risks.
The number of cyber attacks against financial services companies reported to the Financial Conduct Authority (FCA) has risen by more than 80% in the last year.
In 2017, 69 material cyber incidents were reported to the FCA, an increase on the 38 in 2016 and 24 in 2015.
Seven in ten FTSE 100 companies are not ready for the next major DNS attack, says study
A new report released today by EfficientIP shows that financial organisations suffered an average of seven DNS attacks last year, with 19% attacked ten times or more in the previous twelve months.
According to the report, the most common impacts of DNS attacks are cloud service downtime, experienced by 43% of financial organisations, a compromised website (36%), and in-house application downtime (32%).
A spokesperson from EfficientIP said: “DNS attacks also cost financial institutions time. Second to the public sector, financial services take the longest to mitigate an attack, spending an average of seven hours. In the worst cases, some five per cent of financial sector respondents spent 41 days just resolving impacts of their DNS attacks in 2017.
“While 94% of financial organisations understand the criticality of having a secure DNS network for their business, overwhelming evidence from the survey shows they need to take more action. Failure to apply security patches in a timely manner is a major issue for organisations. EfficientIP’s 2018 Global DNS Threat Report reveals 72% of finance companies took three days or more to install a security patch on their systems, leaving them open to attacks.”
David Williamson, CEO, EfficientIP, added: “The DNS threat landscape is continually evolving, impacting the financial sector in particular. This is because many financial organisations rely on security solutions which fail to combat specific DNS threats.”