Tech
Cybersecurity in the Financial Services and Mortgage Banking industry in 2022 has started off with a bang. We’re facing an unprecedented time of market contraction, a complex threat landscape, increasing compliance requirements, and a demand for more cybersecurity resources. After getting through the pandemic and an unprecedented volume of demand for loans, many leaders in the Independent Mortgage Banking industry might be thinking that things couldn’t get any more complicated.
In the fourth quarter of 2021, the Identity Theft Resource Center, a US based non-profit organization founded to aid victims of identity theft, found that cybersecurity incidents impacting mortgage transactions increased by 17% year over year. We also got notice from CISA; the Cybersecurity & Infrastructure Security Agency, that they have seen an increase in threats targeting the United States financial sector ordering a “Shields Up” notice. The Shields Up notice asks companies to focus on the “commonly exploited” vulnerabilities, of which just crossed the mark of 600 different vulnerabilities.
In late 2021, one of the most common vulnerabilities was released: Log4j. First exploited in late November 2021, this vulnerability which leverages the java Log4shell function impacts instances of software tools, endpoints, and cloud services around the globe dating back as far as 2013. Many of the common platforms that we use within the industry were impacted, adding to the list of required items for us to review and validate with our third-party vendors.
On the back of Log4j, just as we seemingly get out of the woods, we get hit by a group of teenagers who successfully bi-pass various security controls and compromise OKTA and Microsoft in the same week. Reminding us that threat actors are always around the corner waiting to identify weakness.
There are several simple steps that all companies should be focusing on to reduce their overall cybersecurity risk.
Because of the combination of consumer urgency, and monetary value the mortgage industry is a ripe target in these challenging times. Mortgage companies need to retain experts who are not only familiar with the industry and compliance trends but who also focus specifically on cybersecurity and compliance.
All organizations need a helping hand from experienced professionals. Digital Silence; a world class boutique cybersecurity company, specializes in taking an elite threat actor approach to security as part of every engagement ranging from our penetration testing and risk assessment services, incident response and threat intelligence research, up to our full Virtual CISO services. Digital Silence services multiple industry verticals including Financial Services, Mortgage Banking, Healthcare, Technology, and Media & Entertainment.