Fintechs Prioritise Cybersecurity as Global Threat Increases

Fintechs and technology giants are increasing their cybersecurity measures against potential cyberattacks in light of continued global instability caused by the war between Russia and Ukraine.

Russia has always been considered a major complication in the fight against cyberattacks and cybercrime - but with tensions escalating globally, technology and fintech companies are embracing new cyber solutions and acquiring stronger partnerships in an attempt to fortify their systems against new online threats.

Reasons for the increased cyber threats include an insufficient supply of cyber talent, and companies worldwide supporting largely remote workforces. The rising cost of cyberattacks as they become more aggressive and difficult to address, as well as the widespread migration to the cloud, has also compounded the problem.

In a recent report by CBS insights, funding to cybersecurity tech startups has more than doubled YoY in 2021, now exceeding US$25bn.

Google’s biggest cybersecurity acquisition ever

For example, Google has announced the acquisition of the leading cybersecurity company Mandiant. The move, which according to reports cost Google an impressive US$5.4bn, is the technology giant’s second cybersecurity acquisition of 2022 (they recently acquired Siemplify) - and its second-biggest acquisition ever, which means protection of their systems against imminent threats is at the front and centre of their current strategy.

Employee behaviours leading to greater cybersecurity risks

According to a new research report by the think tank Endpoint Ecosystem, the behaviours of finance industry employees in the current working climate are a major contributing factor to the heightened cyber threats.

Key findings in the study show that one-third of finance industry workers store their work passwords in a personal journal. A further 52% of finance workers say security policies restrict the way they work and 49% admit to finding ways to work around security policies. Another worrying trend is that 46% of finance workers surveyed in the report said they allow their family members to use their work devices for personal usage.

Cyber risks increased by poor employee practice

The Endpoint study also revealed poor password management, restrictive security policies, and inadequate security awareness training. More than 60% of workers also said they thought they were more efficient when using non-work apps such as Dropbox and Gmail.

However, fintech workers were found to be the most cyber aware of all the industries surveyed in the report, with 74% of finance workers believing they will get fired for a data breach while 68% believing their executives should be fired for a privacy breach.

Increased focus on fintech ID security solutions

To combat these issues, fintech and insurtech companies are increasing their cybersecurity protection through new and better ID solutions.

According to the Aite-Novarica Group, 47% of Americans experienced financial identity theft in 2020 and the number is increasing by more than 40% YoY. Juniper Research also recently reported that Online sellers will lose $130bn to online payment fraud between 2018 and 2023.

As Tom Thimot,  CEO of authID.ai, a provider of secure, mobile, biometric identity verification software products, puts it, the situation will not improve unless users successfully change the behaviors that leave them vulnerable to cybercrime attacks.

He explains, “Here’s the hard truth: Often, hackers succeed due to individual and enterprise behaviours that leave users vulnerable to exposure. Despite the prevalence of phishing, smishing, password spraying, and other common cyber infiltration techniques, consumers and organisations continue to engage in risky password behaviour.”

Poor password management, he agrees, is a huge contributing factor. “Using “password” or “12345” as your password will unfortunately no longer suffice. Likewise, many organisations have jeopardised employee and customer data – and their own digital assets – by relying on outdated identity authentication solutions to keep them safe.”

Instead, Thimot suggests two identity authentication mainstays. “One-time SMS pin codes (OTPs) and knowledge-based authentication (KBA), can no longer outsmart digital bad actors. The former can be rerouted, and even the most novice hacker can easily surface the answer to “What’s your mother’s maiden name?”

He concludes, “Cyber threats, and the investments in security required to overcome them, are top of mind, yet solutions cannot compromise ease-of-use and efficiency. Facial biometrics has already proven to be the worthy rival that can prevent hackers from wreaking havoc, and the market is making its excitement known. The future of cybersecurity is already here, and it’s password-less.”