The state’s Department of Financial Services is only three years old, but the agency has already worked to increase fines and executive accountability for banks. In fact, DFS fined French bank BNP Paribas a record $8.9 billion for doing business with countries that have been blacklisted by American authorities.
In his speech, Lawsky went on to say that cyberterrorism is the most important issue his agency will work on in the coming year, warning that a large-scale event could come if protective measures aren’t taken soon.
“I worry that we’re going to have some sort of major cyberevent in the financial system that’s going to cause us all to shudder, an Armageddon-type cyberevent,” Lawsky said at the Summit. “The failures to detect the 9/11 plot were sort of a failure of imagination, some would say … I worry about the same thing here: that an event will happen and we’ll all look back at it and say, ‘How did we not do more?’”
Lawsky went on to say that there are only two types of people: those who have been hacked and are aware of it, and those who have been hacked and haven’t found out yet. A series of prominent data breaches targeting major companies and compromising the credit card information of millions of customers have occurred recently, causing alarm within the financial sector.
Financial Sector Experiencing Increased CyberattacksBanks have also come under attack, with a variety of high-profile financial institutions suffering breaches last month. In all of the security incidents, not only were the attacks large-scale occurrences, but they also persisted for several months, making them more harmful.
A report on cybersecurity in the financial sector by New York’s DFS released earlier this year found that most institutions surveyed had been the victim of a cyberattack at least once over the last three years, and the breaches occurred irrespective of the institutions’ sizes. Due to the increased threat facing financial service providers, Lawsky urged the use of protective security measures.
“It’s a bargain if we harden our systems now and protect against something more catastrophic,” Lawsky said. “It is a great deal in my view. Once there is major event, everyone suffers. We’re going to pay for it either now or then.”
For organizations looking to increase enterprise security and improve data loss prevention, either financial or otherwise, data encryption is a proven way to protect sensitive information. Another option is the use of a public key infrastructure, or PKI, to ensure malicious actors are not able to access privileged information. PKI is one of the safest encryption methods available, offering companies increase data security and peace of mind when transmitting sensitive information.