Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Profile
    • Privacy & Cookie Policy
    • Terms of Use
    • Contact Us
    • Advertising
    • Submit Post
    • Latest News
    • Research Reports
    • Press Release
    • Awards▾
      • About the Awards
      • Awards TimeTable
      • Submit Nominations
      • Testimonials
      • Media Room
      • Award Winners
      • FAQ
    • Magazines▾
      • Global Banking & Finance Review Magazine Issue 79
      • Global Banking & Finance Review Magazine Issue 78
      • Global Banking & Finance Review Magazine Issue 77
      • Global Banking & Finance Review Magazine Issue 76
      • Global Banking & Finance Review Magazine Issue 75
      • Global Banking & Finance Review Magazine Issue 73
      • Global Banking & Finance Review Magazine Issue 71
      • Global Banking & Finance Review Magazine Issue 70
      • Global Banking & Finance Review Magazine Issue 69
      • Global Banking & Finance Review Magazine Issue 66
    Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

    Global Banking & Finance Review® is a leading financial portal and online magazine offering News, Analysis, Opinion, Reviews, Interviews & Videos from the world of Banking, Finance, Business, Trading, Technology, Investing, Brokerage, Foreign Exchange, Tax & Legal, Islamic Finance, Asset & Wealth Management.
    Copyright © 2010-2026 GBAF Publications Ltd - All Rights Reserved. | Sitemap | Tags | Developed By eCorpIT

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    Home > Technology > Why ransomware readiness in the finance sector is critical
    Technology

    Why ransomware readiness in the finance sector is critical

    Published by Jessica Weisman-Pitts

    Posted on November 9, 2021

    8 min read

    Last updated: January 28, 2026

    An illustration showcasing advanced data recovery solutions, emphasizing the importance of robust backup systems for businesses to quickly restore operations after disasters. Relevant to technology and finance sectors.
    Illustration of data recovery and backup systems related to disaster recovery - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Quick Summary

    Ransomware readiness is critical for the finance sector due to increasing threats and regulatory changes. Cyber insurance and enhanced security measures are essential.

    Why Ransomware Preparedness is Vital for Finance

    By Piers Wilson, Head of Product Management at Huntsman Security

    Ransomware attacks have been making headlines recently. From AXA to CNA Financial, no part of the finance sector is impervious to the risks. For many organisations, initial worries focus on the logistics and the cost of a ransom, however, the wider damage and costs increasingly relate to rectification, revenue loss and reputational damage. Attacks, such as in the Kaseya case, have also shown the increasing risks that “trusted” service providers and 3rd party supply chain participants can bring – multiplier effects that can quickly  impact one million endpoints, with a ransom set at US$70m.

    The network effect in the financial services sector benefits all stakeholders – from institutions to consumers. The increase in shared data and services, however, compounds the risks of successful cyber attacks. And, as we have seen with the impact of ransomware on pipelines and even food processors, the impact on organisations, and individuals, of being locked out of systems is huge. If customers cannot access funds or transact with service providers across the supply chain, anxiety and costs can escalate and commercial reputations quickly trashed.

    An easy way out?

    Businesses might have once seen the payment of a ransom as a potential ‘quick fix’ to the problem of ransomware attacks. This option, however, is now likely to become a thing of the past as bans on ransom payments are being contemplated in France and in the US by the SEC and OFAC. . In Australia, there are calls for mandatory notifications of ransom payments by ransomware victims.

    Finance sector organisations also need to consider that even when ransoms are paid, the decryption process and returning to business as usual can be so slow that the ability to reinstate operations from their own internal backups and security safeguards can be achieved in the same time. As the scale of attacks and disruption of those impacted by supply chain ransomware attacks escalates, the message is increasingly that time is of the essence. If you can’t trust the decryption key from an attacker, then you are best advised to invest your time and effort in reconstructing, reconfiguring and securing your IT systems and services from the ground up so as to be confident in their integrity.

    Despite the possibility that the payment of ransoms will become unlawful, cyber insurance will remain an effective tool for organisations to fund the process of getting back up and running quickly and reducing disruption. Insurers are demanding that prior to issuing a cyber policy, organisations must now show evidence of their having adequate cyber security controls in place. In fact, growing ransomware threats make it likely that insurance premiums will increase even further, so getting verifiable cyber risk management capabilities in place is likely to move even further up the list of board priorities.

    A challenging environment

    The financial sector also faces some other more particular challenges. Many financial institutions hold vast amounts of personal data, whether on accounts, transactions, users or reports. Complicating this is open banking legislation, like PSD2 in the UK/EU and CDR in Australia, which requires that the process of customer approved sharing of their personal data, is easy and accessible. These rights for consumers to have their personal information held and transmitted between financial sector participants will necessarily redistribute the responsibilities for cyber security in the sector and as a result, increase the levels of cyber security risk during this period of adjustment to a changing environment.

    The financial services sector is already – and indeed, always has been – an attractive target for criminals at all levels. The requirement that customers have greater control over access to their data adds the requirement for whole new level of ransomware readiness. Organisations could face anything from disgruntled employees, to fraud, to criminal ransomware attacks seeking to enable the wholesale theft of personal data. The stakes couldn’t be higher; so what can the sector do to protect itself?

    Preparing for ransomware attacks

    Putting in place anti-virus software and network defences – alongside the rise of endpoint detection and response – can certainly help manage attacks. But these solutions rely on detecting malicious activity in the first place. What if your endpoint or network solution misses the attack, without warning? Do you have visibility into what’s happening? Are there other controls in place that can mitigate the threat? Are they monitored and managed as part of an IT risk management program?

    More attention must be given to preventing or at least limiting successful ransomware attacks before they do serious damage.  Getting the basic cyber security controls in place and working to protect recognised threat vectors, really pays dividends as these are precisely the weaknesses that ransomware attackers are likely to exploit.

    There are three areas to focus on. The first two are the prevention of any initial infection and containment or limitation of the spread if one does occur. These strategies need to be coupled to a third, recovery, which ensures systems and data can be restored and an incident can be successfully managed. The core principles of effective risk management apply – identify and triage the risks and manage them accordingly.

    There are some key safeguards organisations can adopt to support each of these elements:

    Prevention

    • Application control – ensuring only approved software can run on a computer system, securing systems by limiting what they can execute.
    • Application patching – applications must be regularly updated to prevent intruders using known vulnerabilities in software.
    • Macro security – checking that macro and document settings are correctly configured and to prevent the activation of malicious code.
    • Harden user applications and browsers – use effective security policies to limit user access to active content and web code.
    • Firewalls/perimeter – and even physical on-site security – limit user access outbound and remote connections inbound.
    • Staff awareness – while not a technical control, building a “cyber culture” and a better understanding by staff of cyber security, the threats and mitigation strategies that can minimise cyber attacks, is vital.

    Containment

    • Restrict administrative privileges – limit admin privileges by allowing only those staff needing to access systems to do so, and then solely for specified purposes and within controlled access.
    • Operating system patching – fully patched operating systems will significantly reduce the likelihood of malware or ransomware spreading across the network from system to system.
    • Multi-factor authentication – used to manage user access to highly sensitivity accounts and systems (including remote users).
    • Endpoint protection – install anti-virus software and keep it updated.

    Recovery

    • Regular backups – secure data and system backups off-site and test your recovery processes.
    • Incident response – in planning for a worst case scenario make sure everyone is well versed in the incident management playbook.

    Gaining assurance in controls

    Businesses must make sure they are monitoring their security controls to ensure that they are working effectively. If one control is ineffective, the IT teams need to know quickly to mitigate any shortcomings and reinstate an adequate cyber posture. A “cyber security culture” that ensures these risks are a board level issue will improve overall corporate ransomware preparedness.

    The board should receive reports that provide clear visibility of these controls, and leverage these KPIs as part of their cyber security risk management process. They can be used as part of a continuous cyber security improvement program. Being able to monitor readiness and assess the risk of attack provides early warning defence and confirmation that cyber security risk management processes are in hand.

    Summary

    The financial services sector faces many challenges when it comes to putting in place comprehensive cyber security risk management practices. If a bank or insurer was affected by a significant ransomware attack, the wider implications on the economy could be significant. Recent fuel shortages resulting from the Colonial Pipeline incident gave us a glimpse of the resulting widespread public panic and concern. It was reminiscent of the run on Northern Rock bank branches in the UK in 2007, at the start of the financial crisis. It doesn’t take much to imagine the level of public panic that would ensue if a massive ransomware attack locked consumers out from accessing their funds.

    Organisations in the sector must have comprehensive cyber defences and controls, backed up by regular monitoring to make sure they are working effectively, and ensure that if one control fails to identify or prevent an attack, other complementary controls are operational and able to limit its impact.

    That way the risk of a successful attack can be minimised, and organisations can maintain effective IT governance to better prevent costly disruption to their systems, operations and reputations.

    Key Takeaways

    • •Ransomware poses significant risks to the finance sector.
    • •Payment bans on ransoms are being considered globally.
    • •Cyber insurance is crucial for managing ransomware impacts.
    • •Open banking increases cybersecurity responsibilities.
    • •Financial institutions must enhance ransomware readiness.

    Frequently Asked Questions about Why ransomware readiness in the finance sector is critical

    1What is the main topic?

    The article discusses the importance of ransomware readiness in the finance sector, highlighting cybersecurity challenges and solutions.

    2Why is ransomware readiness important?

    Ransomware readiness is crucial to prevent financial losses, reputational damage, and to comply with potential regulatory changes.

    3How can financial institutions prepare for ransomware?

    Institutions should invest in cybersecurity measures, consider cyber insurance, and ensure compliance with open banking regulations.

    More from Technology

    Explore more articles in the Technology category

    Image for Debtist: Digital Debt Collection for Modern Businesses
    Debtist: Digital Debt Collection for Modern Businesses
    Image for Infosecurity Europe launches new Cyber Startup Programme to champion the next generation of cybersecurity innovators
    Infosecurity Europe launches new Cyber Startup Programme to champion the next generation of cybersecurity innovators
    Image for BLOXX Launches ĀRIKI BLOXX at Web Summit Qatar
    BLOXX Launches ĀRIKI BLOXX at Web Summit Qatar
    Image for Engineering Trust in the Age of Data: A Blueprint for Global Resilience
    Engineering Trust in the Age of Data: A Blueprint for Global Resilience
    Image for Over half of organisations predict their OT environments will be targeted by cyber attacks
    Over half of organisations predict their OT environments will be targeted by cyber attacks
    Image for Engineering Financial Innovation in Renewable Energy and Climate Technology
    Engineering Financial Innovation in Renewable Energy and Climate Technology
    Image for Industry 4.0 in 2025: Trends Shaping the New Industrial Reality
    Industry 4.0 in 2025: Trends Shaping the New Industrial Reality
    Image for Engineering Tomorrow’s Cities: On a Mission to Build Smarter, Safer, and Greener Mobility
    Engineering Tomorrow’s Cities: On a Mission to Build Smarter, Safer, and Greener Mobility
    Image for In Conversation with Faiz Khan: Architecting Enterprise Solutions at Scale
    In Conversation with Faiz Khan: Architecting Enterprise Solutions at Scale
    Image for Ballerine Launches Trusted Agentic Commerce Governance Platform
    Ballerine Launches Trusted Agentic Commerce Governance Platform
    Image for Maximising Corporate Visibility in a Digitally Driven Investment Landscape
    Maximising Corporate Visibility in a Digitally Driven Investment Landscape
    Image for The Digital Transformation of Small Business Lending: How Technology is Reshaping Credit Access
    The Digital Transformation of Small Business Lending: How Technology is Reshaping Credit Access
    View All Technology Posts
    Previous Technology PostSOLEK teams up with BlackRock for up to 200 MW solar plants in Chile
    Next Technology PostHarvest Now, Decrypt Later