Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
In a world where digital banking is essential, cybersecurity is key.
For experts like Lumin Digital’s Chief Risk and Security Officer Sean McElroy, in order to take charge of finance technology security, stakeholder and IT team leaders need to prioritize the same old solutions—basic cybersecurity hygiene and adapting responses to threats.
“Time is of the essence,” he told IT Brew.
Checking. There’s real cause for concern. The Cybernews Business Digital Index, updated on Oct. 9, found that a majority of finance companies they looked at—58%—scored a D or worse on their outcome reliability vulnerability assessment. A little over one-quarter, 26%, scored an F; only 11% scored an A. European companies did best of all geographic regions, but in each region, the D or worse score was common.
Much like other industries facing cyber threats, the digital banking and financial tech spheres need to apply tools like multi-factor authentication (MFA). Luckily, McElroy said, MFA adoption is no longer intimidating for users—but attackers are still trying different techniques.
“You might be dealing with brute force attacks, where the next kind of data breach, exposure of passwords, can be reused because people still are reusing the same passwords everywhere,” McElroy said.
Withdrawal. Social engineering scams increased tenfold in 2024, according to a Nov. 12 report from BioCatch. These attacks are damaging to both the customer and the company, BioCatch researchers wrote in a press release announcing the findings, with such scams accounting for 23% of digital banking fraud.
“As the industry deploys the newest authentication methods in both account opening and account takeover processes, fraudsters will undoubtedly attack these as well,” BioCatch Global Advisory Director Seth Ruden said in a statement.
Savings. In order to manage the plethora of cyber dangers, IT teams need to have the right tools, McElroy said, and internal support. Part of ensuring that system works is locking in how different parts of companies or organizations talk to one another.
“IT teams have the tools and the positioning in the organization to be very effective at lighting up the cybersecurity teams, or effectively being the cybersecurity team—at least doing the threat identification and the confirmation that there actually might be an ongoing security incident,” McElroy said. “A big part of that is communication internally; it’s important for organizations not to silo it into, ‘That’s not your job.’ It is.”