The finance industry is one of the most breached sectors, a new study has found.
NordPass’ research, which assessed the password habits of high-level executives worldwide, found that the finance sector was the second most breached when compared to other sectors such as technology, construction, healthcare, media and hospitality.
Poor password habits were identified as one of the biggest factors in data breaches for CEOs, as well as executive management and business owners in the research with “123456” still the most used password for both high-level executives and regular internet users.
“It is unbelievable how similar we all think, and this research simply confirms that — what we might consider being very original, in fact, can place us in the list of most common,” NordPass CEO, Jonas Karklys, said.
“Everyone from gamer teenagers to company owners are targets of cyber crimes, and the only difference is that business entities, as a rule, pay a higher price for their unawareness.”
The research comes after a report released by digital security software and services company Imperva in April, which surveyed 1,004 Australians, found that 43 per cent of people trust those in financial services with their most valuable and sensitive data.
Financial services beat out other industries that included healthcare and government (37 per cent) and messaging services, social media, streaming services online gaming and retail which all attracted a score of less than 10 per cent.
Meanwhile earlier this month - in an Australian first - AFS licensee RI Advice was found to have breached its licence obligations by the Federal Court, who ruled that the group did not act efficiently and fairly when it failed to have adequate risk management systems to manage its cyber security risks.
According to ASIC, a “significant number” of cyber incidents occurred at authorised representatives of RI Advice between June 2014 and May 2020, including an incident where “an unknown malicious agent obtained, through a brute force attack, unauthorised access to an authorised representative’s file server from December 2017 to April 2018 before being detected, resulting in the potential compromise of confidential and sensitive personal information of several thousand clients and other persons”.
Cyber expert, Ajay Unni of StickmanCyber, said due to a rise in cyber security risks it is not a question of if a business will be attacked, but when.
“Businesses, regardless of their size, type, and industry, need to enhance their cyber resilience.”
He continued: "Businesses need to learn from RI Advice and prioritise the enhancement of their cyber security posture by treating it as a business function, as opposed to a business issue that is relegated to the IT department."
