This marks the third edition of the Modern Bank Heists report, which takes an annual pulse of some of the financial industry’s top CISOs and security leaders. This survey offers more than just data. We use the information gleaned from this report to educate the market on how modern cybercriminals are evolving; what tactics, techniques and procedures (TTPs) are emerging; and how defenders can keep pace. Perhaps most importantly, we use the information to deliver a stronger cybersecurity platform to the market.
In this year’s survey, CISOs revealed what they’re seeing with attack prevalence and evolution. Our questions tackled topics including lateral movement, counter-incident response, island hopping and integrity attacks. The financial sector is not a new target for criminals. Of course, the bank heist has evolved significantly—from stickups to cyberspace—but the fundamental motivation behind the attacks has remained: money.
While this report features the financial sector as a prime target for incentivized attacks, the threat horizon identified here drives threats across many industries. These insights should serve as a starting point for a discussion between the cybersecurity community and the defenders of the financial sector on how we might best collaborate and wage a counterinsurgency in cyberspace.