In a Nutshell: Ripe with a variety of vital customer information, financial services organizations are often some of the juiciest targets for cyberattacks, which are not only expensive but can also have long-term brand impacts. To help protect against malware invasion, many major financial institutions trust Malwarebytes, a leader in digital security software. Defending against many common malware devices, including ransomware and phishing campaigns, Malwarebytes Endpoint Security provides scalable protection, accommodating thousands of endpoints for businesses of any size. To clean up an infected system, Malwarebytes Breach Remediation reduces the time and energy required to remove infections and related artifacts, decreasing the risk of additional attacks.
Containing everything from family photos to banking records, our personal hard drives often hold more than just documents — they hold precious memories. So when those devices are held ransom by a cyberattack, the results can be devastating. But while a malware invasion on the consumer level can cause major damage, the effects of a ransomware attack, phishing campaign, or another digital disaster can be downright debilitating for a business.
And the potential of getting caught in one of those disasters is increasing. Malwarebytes’ 2017 Q1 Analysis of Malware Trends report found US businesses detected 165% more malware in the first quarter of 2017 than in the same quarter of 2016. The report also found total malware incidents increased by more than 1,000% in some states, with Arizona businesses experiencing an astounding 1,333% year-over-year increase.
What’s more, malware doesn’t discriminate; no matter the size, industry, or nature of a business, it can be a victim of a malware infection at any time. From the corner mom-and-pop to the global conglomerate, even a brief cyberattack can have long-term consequences for the company, ranging from financial and brand impacts — to downright bankruptcy.
“Small businesses risk losing everything in the face of just one attack,” explained a representative for Malwarebytes, a leader in virus and malware protection software. “Many may have to shut down altogether. In fact, the 2017 Hiscox’s Cyber Preparedness Report notes that small businesses lose an average of $41,000 per cybersecurity incident — a cost that most cannot afford.”
To really picture the problem, if a single attack can have such profound impacts on the small business level, imagine those on the enterprise level. Now, add in the personal and financial information of millions of customers to the mix. Welcome to the terrifying landscape of financial services cybersecurity.
“In the specific case of major financial institutions, the risks are numerous,” said Malwarebytes. “Financial institutions hold a wealth of Personally Identifiable Information (PII) that is a gold mine for hackers. With access to Social Security numbers, ATM pin codes and bank account details, hackers can wreak havoc on individuals’ finances and even commit identity fraud.”
The scariest part? Many of those financial institutions are relying on patchwork legacy systems, parts of which were likely designed well before the shiny new malware diligently infesting them. Indeed, of the top 20 commercial banks in the US, a full 75% were found to be infected with some type of malware — and more than 750 malware events were detected across the 20 institutions in just one year.
Maintaining Institutional Trust by Preventing Theft of Sensitive Customer Data
On the enterprise scale, a successful cyberattack can have many internal results, including the loss of everything from money to proprietary data. For many consumer-facing companies, those losses can include even more significant external resources — such as vital consumer data — with wide-ranging impacts.
“For large enterprises, financial ramifications are certainly an issue, but more concerning is the potential harm of an attack on brand reputation, customers, vendors, and partners,” Malwarebytes’ spokesperson described. “Such an attack puts major financial institutions in a position where they could not only lose the trust and business of valuable clients, they can also be in major violation of certain industry compliance standards.”
In today’s consumer landscape, companies that can’t protect customer data may soon be bereft of customers. This can be especially true in the financial industry; after all, who wants to keep their money in a bank that isn’t safe?
According to Malwarebytes, “Trust is critical for customer acquisition and retention, so financial institutions find themselves especially vulnerable to the reputational damage caused by security breaches. Damage to brand and image takes far longer to repair than that done to the compromised IT infrastructure itself.”
How much longer? One study suggests it can take from 10 months to two years to restore a company’s reputation from a consumer data breach.
So, what’s the solution? Well, to paraphrase the popular adage, the best offense against cyberattacks — is a good digital defense. That’s where Malwarebytes enters the picture. In particular, many major financial institutions rely on Malwarebytes Endpoint Security for proactive malware protection.
“Next-gen endpoint protection employs dedicated anti-malware, anti-exploit, and anti-ransomware technologies to detect and block unknown and known threats,” said Malwarebytes. “The central management console offers robust reporting and visibility into the security status of multiple endpoints (thousands) at one time.”
And to take it to the cutting edge, Malwarebytes’ brand new single-agent cloud platform combines Malwarebytes Incident Response with Endpoint Protection for multi-layer coverage both online and off. Powered by Malwarebytes’ innovative Anomaly Detection Engine and a machine-learning approach, Malwarebytes’ cloud platform provides real-time, signature-less detection against new and unknown threats.
Defending Thousands of Endpoints for Scalable Protection
While the specific number will vary from one business to the next, a given organization can have from hundreds to thousands of endpoints, each representing a potential breach point for cyberattacks. These include everything from vital infrastructure components, such as servers and Point of Sale (PoS) devices, to necessary peripheral units, like network-connected laptops, tablets, and smartphones.
“Ideally, each of these endpoints would be monitored and secured. However, recent data shows that organizations are still failing to secure about one-third of their endpoints, with laptops and smartphones making up most of these failings,” explained the Malwarebytes spokesperson. “Each endpoint left unsecured greatly increases a business’s risk for infection, as it takes only one employee or user to allow an attack inside a company’s network.”
Once a breach occurs, malware can quickly spread along a network, infecting much more than a single endpoint. One attack can also help fuel another, disrupting systems and leaving vulnerabilities in its wake.
“Malwarebytes Breach Remediation, our protection solution for businesses, rapidly removes infections and related artifacts, not just the primary payload or infector,” described Malwarebytes. “This greatly reduces the time or work involved in future attacks by eliminating risk of new attacks or lateral movements that capitalize on leftover malware traces. It also integrates easily with existing security infrastructures that companies may have in place.”
Consistently Updating & Adapting Products for Sustainable Regulatory Compliance
Of course, in the financial industry, few solutions are maintainable if they can’t keep up with the intricate and seemingly ever-changing web of regulations. This includes the dynamic new world of cybersecurity regulation, which has led to financial services becoming the largest and fastest growing private sector digital security market.
“The Gramm-Leach-Bliley Act (GLBA), SOX, and an alphabet soup of regulatory agencies and acts require strict compliance, often with cybersecurity mandates that include endpoint security directives,” according to Malwarebytes. “Failure to meet these requirements can result in stiff fines.”
Providing protection to both domestic and international users, Malwarebytes continuously monitors applicable laws and regulations on a global level. The company regularly updates and adapts its products to make sure its clients can maintain appropriate compliance.
“Updates may include a wide variety of changes, including improving product performance, releasing new features, and adapting features to ensure compliance with changing laws and regulations,” said Malwarebytes. “Ultimately, we want to ensure our consumers are always able to use our products. If we don’t keep up with regulatory changes, it could impact our ability to serve those consumers.”
Malwarebytes Stands Between Malicious Software & Your Financial Data
For the modern digital consumer, few things are likely as devastating as losing their entire personal hard drive to the whims of a malicious cyberattack. As individually destructive as it can be, however, the impacts of a home network breach often pale in comparison to the potential impacts of the successful attack of a major financial services institution.
Over the last decade, Malwarebytes has helped protect consumers and businesses alike from the hazards of the digital world. For many financial organizations, Malwarebytes stands between their vital consumer data and the vast host of malware minions eager to pillage it. But even a leader in cybersecurity software can’t do it alone.
“Human error is a huge factor in the success or failure of security initiatives. Therefore, consumers need to be involved in the process,” Malwarebytes explained. “If an individual user is not privy to basic security practices, no tools used on the institutions’ end can fully prevent a breach.”
Editorial Note: Opinions expressed here are the author's alone, not those of any bank, credit card issuer, airline or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.