Ransomware attacks have been on the rise in the financial services industry, with more and more hackers using the ransomware-as-a-service model to carry out their attacks. With the threat landscape for banks and other financial services being in a constant state of flux, it’s essential to take proactive steps to protect against these attacks. There are no silver bullets in security, and the journey to a well-oiled cybersecurity program is a long one, but there are some basics to put in place to ensure you are building a solid foundation that you can continue to improve upon over time. 
Train and Educate
One of the most critical things banks can do to protect themselves from ransomware attacks is to train their employees. Banks should conduct regular cybersecurity training sessions for their employees on topics like phishing, malware, ransomware, social engineering and password management. Additionally, employees should learn the importance of using strong passwords or passphrases and being vigilant about suspicious activity on their accounts. People are still your weakest link, and if you aren’t putting time into your people, all the other tools and procedures you have in place will become irrelevant.
Invest in Technology
Banks should consider investing in the latest security technology to help protect against ransomware attacks.
This could include advanced firewalls, anti-malware software and intrusion detection systems. Some of these systems already exist in your current technology stack, for example, Microsoft has many good tools built into its licensing, but they aren’t always turned on by default.
Multi-factor authentication, while no one loves an extra step to logging in, should be turned on for every business application, especially ones with financial or sensitive data.
Backup Data Regularly
Another critical step banks can take to protect themselves is to back up their data regularly. This means storing copies of essential data and information in a secure, off-site location. If a ransomware attack does occur, having up-to-date backups can help to minimize data loss and reduce the impact of the attack.
Develop an Incident Response Plan
Banks should also develop an incident response plan to ensure an organized approach to managing the response to a security breach. This policy outlines the steps to take in the event of an attack and includes details on roles and responsibilities for the response team, a business continuity plan, a list of critical network and data recovery processes and how to notify law enforcement, regulatory agencies, customers and other stakeholders. Once you have this in place it’s important to test it and walk through the plan as a team with some scenarios. Free scenarios are available through the Cybersecurity and Infrastructure Security Agency.
Engage in Regular Offensive Security Services
Finally, banks should engage in regular penetration testing and vulnerability assessments to identify vulnerabilities in their systems before a hacker can exploit them. Penetration testing should involve emulating (not simulating) an attack on their network to determine where weaknesses exist. Banks can significantly reduce their risk by identifying and addressing vulnerabilities before a ransomware attack.
By investing in employee training, technology, data backup, incident response planning, and regular penetration and vulnerability testing, banks can better defend against ransomware attacks and protect their employees, customers and bottom line.
Not sure where to start? Reach out to Blue Team Alpha and we can help get you on the right path!
 Banks, Financial Industry Hit by Rising Ransomware Attacks (insurancejournal.com)