A report done by PwC in 2014 in cooperation with BBA (British Banking Association) highlights very interesting aspects and challenges of the financial and banking industry that are highly relevant for our CS-AWARE project:
Malicious actors identified
• Hacktivists – looking to provoke maximum disruption and embarrassment
o Favoured techniques: SQL injection and DoS
• Organized criminals – primarily motivated by financial gains
o Prefer blended attacks (technical and social engineering)
• Nation State – they commit the most targeted attacks
o Not all attacks are sophisticated and 95% used phishing
Common tools and techniques:
• Social Engineering
• Deployment techniques
Looking at the above threats, most of them fall into the scope of CS-AWARE project and therefore the banking and finance industry appears to be a very good domain of applicability for the final outcome of our project.
The report has also some very good recommendations that we’ll only summarize here, anyone interested could read more at the provided link article below.
Recommendations for pro-active measures:
• Enhanced exchange of cyber knowledge
• Intensified co-ordination to influence strategic policy
• Measurement of industry wide cyber impacts
• Centralizing cyber-information
• A global industry approach
Starting from this article at Peracton we’ll start analysing in depth the financial/banking market needs in order to provide an early market validation and analysis of the potential of CS-AWARE platform in such industries.