Kaspersky Lab: Online Merchants and Financial Service Providers are Among Sources of Stolen Banking Information
According to Kaspersky Lab’s survey of IT professionals worldwide, almost half of businesses in e-commerce/online retail (48%) and financial services sectors (41%) can lose some type of finance-related information over the course of a year through targeted attacks, application vulnerabilities and other forms of cyber-incidents.
According to Kaspersky Lab’s survey of IT professionals worldwide, almost half of businesses in e-commerce/online retail (48%) and financial services sectors (41%) can lose some type of finance-related information over the course of a year through targeted attacks, application vulnerabilities and other forms of cyber-incidents.
While the two business segments share this similarity, their attitudes towards security technology are different: only 53% of the e-commerce/online retail segment indicated that they “make every effort to keep anti-fraud measures up to date,” which is 10% lower than the overall global average. Since the entire business model of online merchants is based on payment processing, this reluctance to invest in anti-fraud measures might cause business losses in case of a security incident.
The financial services segment takes a more positive and proactive approach towards securing financial data: 64% of these organisations said they “make every effort to keep anti-fruad measures up to date”. Additionally, 52% of financial services providers reported a desire to implement new technologies to protect financial transactions, compared to 46% of the e-commerce/online retail segment.
After a Breach:
Kaspersky Lab’s survey also asked businesses that experienced a serious data loss incident about steps taken afterwards to protect their customers. Despite their differing attitudes, both the e-commerce/online retail and financial services sectors took similar steps to implement additional protections. The most common measure implemented was “providing secure connections for customer transactions,” which was done by 88% of financial services organisations, and 78% of e-commerce/online retailers. Financial services providers are more focused on proposing specialised solutions for mobile devices than e-commerce/online retailers (75% vs. 56%, respectively).
In general, the least common step taken by both financial services providers and e-commerce/online retailers following a data breach was to provide free or discounted versions of premium Internet security software to their customers. It would appear that both sectors are more willing to invest in securing their own systems, rather than investing in securing their customers’ systems.
Lastly, despite the relatively high adoption rates of specialised fraud protection for endpoints following a data breach – 71% for financial services, and 62% for e-commerce/online retailers – the flip-side of those numbers is noteworthy. These numbers show that approximately one-third of companies in both sectors are still not investing in financial security software, even after financial information is stolen from them in a data breach incident.
Recommendations:
Security industry research shows that businesses specialising in collecting and processing customer payment information are being actively targeted by cybercriminals. Kaspersky Lab’s survey proves that these businesses are very likely to lose payment data through a data breach. Instead of reacting to the attack, Kaspersky Lab advises businesses to be proactive in securing their IT networks, as well as securing payment systems with specialised protection.
Companies should use a comprehensive security solution, like Kaspersky Endpoint Security for Business, that helps protect the whole network from an onslaught of malware, phishing, and other cyber threats, and at the same time gives IT managers convenient single administrator console, providing visibility and policy control over the security of their network. Financial institutions also need specialised solutions such as Kaspersky Fraud Prevention that also ensures the protection of customer endpoints, including their mobile devices, and provides an SDK for reinforcing the security of mobile banking applications. This fraud protection platform also includes Kaspersky Lab’s threat intelligence services that help increase bank employees’ level of cyber threat knowledge.
To find out more about Kaspersky Endpoint Security for Business and Kaspersky Fraud Prevention, please go to www.kaspersky.com/business-security/ and http://www.kaspersky.com/business-security/fraud-prevention.
Kaspersky Lab: Online Merchants and Financial Service Providers are Among Sources of Stolen Banking Information
Kaspersky
Related Articles Business News
Kaspersky Lab and Fraunhofer IOSB to help raise awareness of ICS cybersecurity with specialized training for industrial organizations
Connectivity has become an integral part of industrial processes but it can also leave them more exposed to cyberthreats that can have wide-ranging physical impact.Read More >More than 40% of ICS computers were attacked in H1 2018
More than 40% of all industrial control system (ICS) computers protected by Kaspersky Lab solutions were attacked by malicious software at least once during the first half of 2018. The most impacted countries turned out to be Vietnam, Algeria and Sri Lanka, while the safest region for industrial machines was Denmark. These are among the main findings of the Kaspersky Lab ICS CERT report on the industrial threat landscape in H1 2018.Read More >Amidst the constant increase in the number of cybersecurity incidents, Kaspersky Lab says that trusted MSPs should be utilised to assist in protecting businesses
The Kaspersky Lab IT Security Risks Survey 2017 highlighted that 42% of small and medium businesses (SMBs) and 51% of enterprises indicated that they worked with Managed Service Providers (MSPs) in 2017.Read More >