Reading Time: .
Cybercriminals primarily target web applications
From 2019 to 2020 alone, the number of distributed denial of service (DDoS) attacks on web applications increased by over 300 percent. Myra Security’s mitigation data also shows that the number of complex multi-vector and amplification attacks in particular has increased noticeably. Cybercriminals use these methods to multiply the impact of their attacks. At the same time, an increase in digital blackmail attempts via the DDoS attack vector can be observed. If companies do not pay the ransom demanded within the specified period, massive overload attacks ensue.
Real-world experience shows that vulnerable targets are attacked more often, with attackers returning and demanding ever higher ransoms. Protected infrastructure, however, is something that cybercriminals avoid in order to spare their own resources. The only answer to the intensified threat situation is preventive protection for the operational business.
The German Federal Financial Supervisory Authority (BaFin) takes a more restrictive approach and announces more intensive controls
In view of the amendments to MaRisk and BAIT, the regulatory bar is being raised once again. The sector’s experience shows that banks should be as proactive as possible in addressing the technical and organizational requirements. Institutions that only upgrade their IT under external pressure as part of an audit required by Section 44 of the German Banking Act (KWG) needlessly blow a lot of their budgets in this process and still usually end up with less than ideal results.
Banking is a matter of trust
Those who invest in cybersecurity at an early stage and with a high level of commitment can, of course, also use this to their advantage when communicating with customers and in other business relationships. Banks depend on the trust of their customers. They count on new services to be error-free, secure, and stable. This trust can be further enhanced by implementing advanced security solutions.
In contrast, errors and failures of digital services can seriously undermine this trust, resulting in long-term harm to the bank’s image. This is because, in addition to BaFin, attackers are also inspecting the security of banking IT, continuously, 24/7, 365 days a year.
Leveraging cybersecurity as a process with many added values
The crux lies in the choice of partner
By outsourcing IT security to specialists, security can be raised to a level that is difficult to accomplish in-house. With professional service providers, fears about unnecessarily complex structures or a further increase in the attack surface are unfounded. Cybersecurity is part of their unconstrained daily business and expert IT specialists represent a first-class human firewall.
The time for concrete action has long since come. Institutions today need to future-proof their systems to meet customer needs, compliance requirements, and the cyber threat landscape. Digital laggards will inevitably lose ground in the market and be pushed out in the long term, whether by fintechs or big tech. There are no shortcuts in digitization and certainly not in cybersecurity.