Reducing the Attack Surface in an Expanding Digital World
- Date:December 09, 2021
- Author(s):
- Tracy Kitten
- Report Details: 20 pages, 7 graphics
- Research Topic(s):
- Cybersecurity
- Fraud & Security
- PAID CONTENT
- Download summary
Overview
Businesses across the board are at greater cyber-risk today than ever before. For financial institutions, this is especially true, as they expand digital banking channels and ways to connect with consumers. But more fundamentally, all businesses are at greater risk of attack today because their attack surfaces keep expanding. Increased reliance on personal devices to access corporate systems and networks, coupled with the necessity to outsource security management, as well as some other critical functions, has put businesses in peril. Identifying risks and measuring the attack surface are the first steps toward blunting these attacks, for institutions of all sizes. Educating employees about cyber-risks needs to be a close second, and much more of a priority, as employees are the first and front lines of perimeter defense as well as the primary points of vulnerability. Third-party relationships need to be evaluated and rated for cybersecurity fitness with greater consistency and regularity. In this report, Javelin offers recommendations for how institutions can limit risks associated with a growing attack surface by, in part, by making their employee cybersecurity education more effective and more efficiently managing their third-party risks.
Key questions discussed in this report:
- How can organizations effectively use cybersecurity employee education to limit the cyber-risks posed by a remote workforce?
- What emerging risks do relaxed and loose bring-your-own-device (BYOD) policies pose?
- How does reliance on managed security service providers (MSSPs) increase cyber-risk?
Methodology
This report was adapted from Javelin Strategy & Research’s May 2021 survey of cybersecurity professionals in the United States. Javelin Strategy & Research maintains complete independence in its data collection, findings, and analysis. The data includes responses from 507 cyber professionals across five industry verticals: financial services, IT, health care, retail, and telecommunications. Approximately 300 respondents came from financial institutions that fall within one of these four asset-size ranges: $500 billion and more; $100 billion to $500 billion; $20 billion to $100 million; and $1 billion to $20 billion.
Interested In This Report
Related content
Data Loss Prevention Against Ransomware
This report explores the challenges financial services providers face, not only when it comes to being attacked themselves, but in the counsel and education they offer to business ...
DDoS Attacks Pose New Risk for Banks: Tiny Botnet Wages Largest HTTPS Attack on Record
The news earlier this month that the largest HTTPS distributed denial-of-service (DDoS) attack on record was intercepted and mitigated should get the attention of financial institu...
Shields Up: How Financial Institutions Should Brace for Targeted Cyberattacks
The U.S. government is warning U.S. firms to prepare for possible Russian cyberattacks due to the West's economic sanctions on Russia and support of Ukraine. This note explores the...
Make informed decisions in a digital financial world