trending Market Intelligence /marketintelligence/en/news-insights/trending/V6MBasIa2eo18xu_etb9Tw2 content esgSubNav
In This List

The week in fintech: FBI agent says cybersecurity practices need to change


According to Market Intelligence, December 2022


Insight Weekly: Layoffs swell; energy efficiency PE deals defy downturn; 2023 global risk themes


Spotlight on sustainability: How banks can overcome the challenges of achieving net-zero emissions by 2050


MediaTalk | Episode 30: US retailers prep for weaker online sales, holiday spending demand

The week in fintech: FBI agent says cybersecurity practices need to change

This weekly recap features updates on bank technology, payments, online lending and other news in the financial technology space. Send tips, ideas and chatter to For other recent fintech news, click here.

A massive data breach at Equifax Inc. has made cybersecurity top of mind for many companies, but most hacks go undetected for months and many companies are not prepared to detect intruders when they get in.

Assistant special agent in charge at the Federal Bureau of Investigation's Chicago branch, Todd Carroll, said the average time between an unauthorized user getting inside a network and that user being detected is about 150 days, "a lifetime in cyber means."

"The majority of the time, it's either a third party or it's law enforcement that tells that company that there's someone in their network," Carroll said in an interview.

The FBI discovers many breaches, though Carroll said he could not quantify how many in a month or year. He said two means of detection are through other breaches or from information being sold on the dark web.

An annual survey released by Nationwide on Oct. 9 cited a lack of education surrounding cybersecurity. Initially, 13% of business owners surveyed said they had experienced a cyberattack. But that number jumped to 58% when the owners were shown a list of attacks, including a computer virus and phishing, the two most popular attacks.

"Part of the problem facing a business' ability to recover from an attack is that a majority of owners are not prepared," the company wrote in the report. "In fact, 57% of owners do not have a dedicated employee or vendor monitoring for cyberattacks."

The survey showed that more than 20% of companies that had been attacked spent at least $50,000 recovering from the intrusions, and 7% spent more than $100,000.

Carroll could not speak directly about the Equifax or Securities and Exchange Commission hacks, as they are ongoing FBI investigations. However, he said it is probably too soon to tell what financial impact either breach will have on individuals or the industry as a whole.

Things do need to change, Carroll said of cybersecurity practices, specifically noting the need for "buy-in from the top down." He said the more successful companies are those whose cybersecurity practices are built-in to the system's day-to-day processing. Companies need to understand the threats that are out there, identify their own critical information and make sure they do everything they can to protect that information, Carroll said.

"Have a good plan to bounce back from it," he added. "This is not something that's going to go away."

In another blow to the credit reporting agency, Equifax took down a customer assistance webpage this week amid another possible hack, Ars Technica reported Oct. 12.

In other financial technology news, La Caisse de Dépôts and Desjardins Group announced the creation of an investment fund dedicated solely to the financial technology sector and to artificial intelligence applied to finance. The fund is meant to support the growth and development of new fintech companies in Quebec and Canada.

In cryptocurrency news, the price of bitcoin jumped Oct. 12, according to data from CoinDesk. The recent rally brings bitcoin's market capitalization to about $94.5 billion. Bitcoin has slowly been recovering from China's crackdown on cryptocurrency in September.

From Oct. 5 to Oct. 12, the SNL U.S. Financial Technology Index gained 1.08%.

S&P Global Market Intelligence released a fintech primer on four areas — digital lending, payments, blockchain and digital wealth management — of particular interest due to their rapid pace of growth, technological disruption, and regulatory and other risks. Click here to read the primer.