Morgan Stanley's recent $60 million settlement over a data breach demonstrates the difficulty in securing client data, but the big Wall Street bank is not alone.
The majority of global financial service institutions are facing serious issues related to securing their stored data, which will likely only increase as cybersecurity attacks become more prevalent. A recent survey released by data storage company Continuity found that more than two-thirds of respondents believe an attack on their storage environment will have a “significant” or “catastrophic” impact on their business.
Almost 60% of the 200 global firms surveyed aren't confident about their ability to recover from a serious attack.
“When organizational data is compromised, the last line of defense lies in the storage and backup environments,” said Doron Pinhas, Continuity chief technology officer and author of the study. “Recent years have witnessed an alarming growth in the number and sophistication of data-centered attacks — primarily ransomware.”
Ransomware is a type of cyberattack that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid — and such attacks are on the rise. Work-from-home orders have played a significant role in the increase in ransomware attacks, as employees use free WiFi connections from their local coffee shop or do the job at home with a network that is not entirely secure.
Attacks in the U.S. had quadrupled in 2020 before the pandemic hit, with three-quarters of the victims being small businesses that paid more than $350 million in ransomware attacks alone, according to the Department of Homeland Security.
“Given how lucrative organizational data has become — and its growing business values, it is important to realize that we are all in an arms race with cyber criminals,” Pinhas wrote.
In Morgan Stanley’s case, the investment bank informed regulators in July of a separate incident in which attackers exploited a software vulnerability through a third-party vendor and gained access to sensitive data, including clients’ names, addresses, birthdays and Social Security numbers.
The risks from improperly stored data don't just come from criminals, but have become compliance concerns, as well. More than two-thirds of respondents said securing storage and backup had been specifically addressed in recent external audits, according to the survey. The key is staying up-to-date on risk alerts and guidelines the Securities and Exchange Commission puts out, while educating and training employees to understand the severity of cyberattacks.
There’s good news, according to the survey. Companies can be proactive about combating cybercriminals by providing a remote access policy that enables and educates staff on how to access systems from afar. Automation can also reduce risks and allow companies to be more agile when addressing risks.
As always, make sure employees go through a training program with staff and understand the risks of being on an unsecured WiFi network and how to look out for ransomware attacks.
“Fueled by the expansive media coverage and dramatic financial repercussions of data-centered crimes, organizations, vendors and regulators are in a race to identify and close the gap,” Pinhas wrote.
Advisor accused of scheming to move family trust to firm, lawsuit seeks $10 million in damages.
Young Americans are inexperienced in navigating current stormy waters.
Early investor in EV firm says it is in crisis and needs a change of leadership.
Chipmaker's developer conference comes at a pivotal moment.
Three-year program aimed to boost regulatory compliance, culture change.
In an industry of broad solutions, firms like intelliflo prove 'you just need tools that play well together'
Blue Vault Alts Summit highlights the role of liquidity-focused funds in reshaping advisor strategies
