Phishing, where attackers often use social engineering to deceive individuals into revealing sensitive information, has already had a widespread impact and continues to pose a significant threat (23 per cent). We cannot rule out more examples like the one at Bunq in the future.
And 22 per cent of organisations suffer from weak or stolen credentials. A recent Kaspersky study shows that six out of 10 passwords can still be broken within an hour.
Weak or stolen credentials give direct access to data to enable theft, fraud or identity crimes or to make unauthorised purchases and transfer money, creating financial loss for both individuals and institutions.
What should financial advisers do to protect their businesses?
Cyber threats have evolved from floppy disk viruses to AI-driven attacks, but one thing remains: criminals profit from exploiting sensitive information, making it an industry of its own and human involvement.
Forrester predicts that 90 per cent of data breaches in 2024 involve a human element, regardless of the root cause. Here are three key recommendations.
While keeping software up-to-date is essential, financial professionals should be vigilant about the software they use, including understanding its origins and who developed it. Financial advisers should make sure that they check software is from a trustworthy source and consult with their security teams if they are not sure.
Cyber criminals do not distinguish between your professional and personal life. With hybrid work, they might exploit your personal device that you occasionally use to check work emails and so on. Ensure any personal devices you use for work are secured in the same way as you do with any work-based devices and you apply the advice you are given about security in the workplace in your home life.
Finally, a significant portion of data breaches involve human error. Financial professionals should be aware of their responsibility to their clients to keep data safe. Educate yourself beyond compliance; focus on building a security culture.
Human risk management not only strengthens security but also adds business value by building trust with your clients that you will act as a responsible custodian of their data.
Madelein van der Hout is a senior analyst at Forrester
