Security news aggregator

Latest coverage for Finance

Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.

Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.

Showing 6 most recent headlines Filtered view
Bank Info Security 9 months, 4 weeks ago

ISMG Editors: Security Acquisitions Face Cultural Challenges

Also: Inside the AI Sandbox Act; Cybersecurity Summit: London Financial ServicesIn this week's update, three ISMG editors discussed Mitsubishi Electric's $883 million purchase plans for Nozomi Networks, the new Sandbox AI bill in Congress that aims to cut perceived red tape limiting AI innovation, and takeaways from the latest Cybersecurity Summit: London Financial Services.

Bank Info Security 9 months, 4 weeks ago

AI Threats Top Focus at London Financial Services Summit

CISOs, Regulators, Innovators Unite to Strengthen Resilience in Financial ServicesThe London Financial Services Summit tackled today's most urgent issues, from AI-powered fraud and third-party risks to compliance mandate, equipping participants with insights to secure finance in an era of volatility and disruption.

RUSI's William Dixon on How Trade Wars Lead to Inflation and Cyber RisksGeopolitical instability has reshaped the cybersecurity priorities of financial services. William Dixon, senior associate fellow for cyber and international security at RUSI, says inflation, trade wars and sluggish growth are forcing cyber leaders to defend businesses with limited resources.

Bank Info Security 17 Sep 2025, 8:00 a.m. Finance
Bank Info Security 10 months ago

Turning Regulation Into an Industry Advantage

Resilionix's Heather Lowrie on Embracing GDPR as Tool for Change and ResilienceIn a modern regulatory environment, compliance is no longer just an exercise in ticking off boxes. Thanks to GDPR, financial services firms are shifting from a reactive mindset to a more proactive approach to compliance that focuses on risk management, said Heather Lowrie, director at Resilionix.

Recent, Targeted Attacks Suggest Undercut Group's Claimed 'Going Dark' RetirementElements of the notorious ransomware collective lately calling itself Scattered Lapsus$ Hunters appear to be targeting fresh victims, including a U.S. banking organization if not the sector at large, despite a member of the group claiming it would be "going dark" and retiring.

Cybercrime Group ShinyHunters Advertises 160 Million Stolen RecordsVietnam's central bank is probing a hack attack that breached its credit reporting division, exposing personally identifiable information. The cybercrime group ShinyHunters claimed credit for the breach, advertising on a cybercrime forum 160 million stolen records for $175,000.