Third of cyber breaches undetected for a week
Written by Hannah McGrath
Nearly one third of cybersecurity breaches in UK financial services firms go undetected for longer than a week, according to new research from Accenture.
The consulting firm surveyed more than 800 enterprise security practitioners, including 75 from the UK, and found that financial services firms successfully stopped 81 per cent of cyber attack attempts in 2017, up from 66 per cent in 2016.
However, 31 per cent of breaches went unnoticed for a week, leading to conclude that financial services executives are over confident in their security capabilities. The firm said that it is critical for companies to identify a breach in days, if not hours, in order to contain the damage it could cause to internal systems.
The research also showed that while 80 per cent of executives regard increasingly sophisticated technologies such as automation, artificial intelligence and machine learning as essential to combatting cybercrime, only a third are investing in them and 21 per cent plan to significantly increase their investment in the next three years.
The increase in external cyber threats is being driven in part by a greater reliance among firms in partnerships for growth, Accenture said, with almost a third of UK security executives prepared to hold their business partners to lower cyber security standards than their own.
Firms’ susceptibility to attack has also been increased by the rise of connected devices as part of enterprise infrastructure, which offer more entry points for criminals.
Carmina Lees, managing director of UK financial services at Accenture, said: “While UK financial services firms are making strides to close the gap on cyber-attacks, there is still work to be done given the amount of breaches that go undetected for so long.”
She added that over confidence combined with under investment in cyber resilience could spell bad news for the financial services sector, especially given the rise of digital and Open Banking and third-party data sharing.
She explained that historically the focus has been on external threats, however, firms would benefit from looking closer to home for potential breaches on the inside.
“It’s no good building a wall outside to stop people getting in,” stated Lees. “They need to work on the assumption that the hacker has already broken into the house and they need to contain them in one room to quickly prevent more damage.”
A recent analysis by Juniper research forecast that more than 33 billion records will be stolen by cyber criminals in 2023 alone representing an increase of 175 per cent on the 12 billion records expected to be compromised in 2018.