You are using an out-of-date browser. Update your browser or view website in basic form.

Je gebruikt de verouderde vormgeving maar je browser is volledig up-to-date.

Essential resources for banking executives:Enter ‘Banking Reinvented’

Platform
The Engagement Banking Platform
Orchestrate customer journeys across all channels with a composable platform fabric.
The Platform
Platform Capabilities
Identity & Entitlements
Securely manage user digital identities and access rights.
Customer Experience
Create tailored experiences and targeted campaigns.
Omnichannel Banking
Hollow out your core and create modern banking experiences.
Human Assist
Unify customer servicing operations on a single platform.
Process Orchestration
Streamline and simplify your business processes.
Customer Data & AI
Leverage AI/ML to reduce cost and improve financial wellness.
Integration Capabilities
Integration Platform-as-a-Service
Solve your back-end integration challenges with Grand Central.
Core Banking Integrations
Plug-and-play integrations with leading core providers.
Fintech Integrations
Easily connect with best-of-breed fintech capabilities.
Solutions
Customer Stories
Learn how financial institutions like yours are leveraging our platform to drive success.
Customer Stories
Bank type
Retail Banking
Become the preferred banking app.
Credit Unions
Better serve and engage your members.
Business Banking
Build a one-stop shop for businesses.
Private Banking&Wealth Management
Assist the next generation of investors.
Marketplace
Services
How do we help?
Unlock the full potential of your Backbase platform.
Backbase Services
Customer Success
Value Consulting
Strategic advisory services to bring your vision to life.
Implementation Services
Your apps delivered on time, on scope, and on budget.
Managed Hosting
Ensure enterprise-level uptimes for your Backbase apps.
Managed Services
Stay ahead with the latest and greatest features.
Training & Support
Developer Resources
Intuitive tools, how-to guides, and technical documentation.
Training & Certification
Upskill your team with on-demand, role-based learning.
UX Resources
Express your brand and make it memorable in just a few clicks.
Product Support
Subscription-based, expert knowledge, and support.
Insights
Insights
Resources to help you succeed in the new era of Engagement Banking.
All materials
Banking Reinvented
Essential resources for banking executives.
Blog
Find fresh perspectives on major banking trends.
Guides
Featured whitepapers to enrich your digital strategy.
Videos
Watch our latest CxO interviews, demos, and webinars.
Analyst Recognitions
Backbase is named a leader by top industry analysts.
Reports
Download independent reports from leading analyst firms.
Customer Stories
Success stories from some of our happy customers.
Company
About us
We’re making banking better for everyone.
About Backbase
Company
Press and Media
The latest news and company updates.
Careers
Help us make banking better for everyone.
Events
Find us at upcoming events near you.
Social Responsibility
Our commitment to a better world.
Get in touch
Contact
Have questions for us? Our experts are happy to help!
Schedule a chat

Understanding the cybersecurity threat landscape in banking

In the first blog of our cybersecurity series, you’ll learn the ins and outs of the cybercrime landscape, directly from Backbase CISO Brian Vlootman.

by Brian Vlootman

Introduction

When it comes to cybercrime, attackers tend to go where the money is. And as a banking leader, you should be concerned, to say the least. I know I am. As Backbase’s Chief Information Security Officer (CISO), I have a first-hand view of the security threats that banks are facing, and that number is steadily climbing.

The fact of the matter is that cybercrime is on the rise because it’s extremely profitable, and that means this trend isn’t going anywhere. And on the other hand, these attacks are particularly costly, especially for banks. In fact, according to IBM, a data breach in the financial sector can cost around $5.90 million, as of 2023.

To add fuel to the flames, generative AI has made it easier than ever to orchestrate phishing and social engineering attacks, now that a fake persona is only a prompt away. That means you’ll be facing increasingly sophisticated tech incursions — at a lower cost to the attacker — that could push the limits of your skill to combat. And AI is getting smarter by the day.

While some attackers are attempting to steal large sums of money, others aim for different targets, such as valuable customer data. But regardless of target, a successful breach of your bank’s cyberdefenses can lead to a host of issues, including operational disruption and reputational damage, to say nothing of the tens of billions of dollars in fraud-related costs. Take UniCredit’s 2018 data breach case, which recently resulted in a fine of €2.8 million by Italy’s data protection authority. And that doesn’t even touch the true cost of fraud, which LexisNexis estimates at 4.41x the lost transaction value, including fines, fees, and investigative costs.

The situation may seem bleak, sure, but I promise you, there is a way to combat these attackers — all while rapidly modernizing your bank’s tech infrastructure and overhauling the customer experience, which I’ll cover later in this blog series. For now, let’s discuss the top trends and threats you should be looking for in the days to come.

What is the cybersecurity threat landscape today?

First, let’s start from a global perspective, outside the context of banking. At the moment, the top cybersecurity threat worldwide continues to be phishing schemes and social engineering attacks, which are increasingly powered by AI. After that, there’s simple credential theft, where attackers leverage stolen access rights to log in, followed by a lack of effective vulnerability management and the deployment of ransomware and malware.

And a lot of this is also reflected in the banking sector. Origination and onboarding journeys in particular are feeling the brunt of the attacks, particularly when it comes to social engineering. In other cases, attackers are taking advantage of weak authentication protocols to log in as a normal end-user. The exploitation of application vulnerabilities continues to be one of the main ways attackers compromise a banking system.

And of course, let’s not forget the ever-popular distributed denial-of-service (DDoS) attacks. Since banks present a large attack surface, hackers are able to use this method to distract security teams while they launch additional cyberattacks, allowing them to extract a hefty ransom. In fact, according to Verizon’s research, the financial sector was hit with 1,256 known DDoS attacks in 2023 alone, second only to the information industry (1,492).

Unfortunately knowing the threat is only part of the battle. As a banking leader, what can you actually do to help? Well, it’s all about building cyber resilience, a topic I’ll cover at length later in this four-part series.

Up next

Improving your bank's cybersecurity

In this blog, we’ve set the scene, leaving us open to explore the solution in greater depth in the follow-up: 3 tips for improving your bank’s cybersecurity. There, I’ll share a few key recommendations to help bolster your tech defenses beyond the basics you’re already aware of. And after that, we can move on to the best approaches for achieving true cyber resilience — a lofty yet achievable goal your bank should be striving for in the years to come.