Navigating Cyber 2021

This is a thematic summary of FS-IAC Global Intelligence Office (GIO) in-depth report of cyber trends in 2020 and predictions for 2021. The full report is only available to member financial institutions via the FS-ISAC Intelligence Exchange.FS-ISAC membership is exclusive to financial institutions headquartered in eligible countries. FS-ISAC’s full suite of intelligence products is solely available to members who are directly connected to FS-ISAC Intelligence Exchange.As cybersecurity becomes a more pressing issue, the quality of cyber intelligence you receive is paramount. FS-ISAC is the only global cyber intelligence sharing community solely focused on financial services. Make sure you get your cyber intelligence from reputable sources.

Executive Summary

In 2020, the global pandemic disrupted the daily business operations of FS-ISAC members and the world. Cybersecurity teams in financial services had to adapt strategies and operations to the onslaught of digitization of products, services, and work while contending with fraudsters capitalizing on fear and uncertainty. Changes that normally happened gradually over years were implemented within weeks.

In the addition to the cyber challenges of remote work and fast and furious digitization, other concerns emerged to keep CISOs awake at night: geopolitical tensions manifesting in cyber warfare and crime; the continued commoditization of malware that makes it easy for any would-be cybercriminal to wage attacks; new business models for ransomware that complicate the response calculus; cross-border campaigns that sweep across continents and different types of institutions in mere weeks; and heightened third party risks in a global financial industrywith many common suppliers.

This report details the themes that have emerged in fincyber over the past year and explores where they are heading in 2021 and beyond. The themes are based on the contributions of our members and the resulting trend analysis by FS-ISAC’s Global Intelligence Office (GIO). In 2020, FS-ISAC launched its new secure chat and intelligence sharing platform, the Intelligence Exchange, which provided a new way for members to discuss threats and security trends. Adding choices for members with different communication preferences increased sharing across borders and boosted actionable alerts, which GIO then incorporated into its analysis.

In 2021 we anticipate that third party risks and geopolitical tensions especially will escalate as factors cybersecurity teams need to manage. While they are constantly evolving, one thing is clear. Today’s cyber threats consistently affect several, and often a great many, institutions. They transcend borders and oceans. The same threat actor may target a wide variety of verticals and sub-verticals. And they move swiftly. In this context, cross-border intelligence sharing has never been more critical for the financial services industry to defend against cyber threats, protecting both firms and customers.