For firms in security-critical areas like financial services and payments, it’s time to pay attention to cybersecurity. A data breach in these industries doesn’t just mean a lost paycheck; it could trigger a financial disaster on a global, digitally interconnected scale.
And with the news this week, per a filing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), that the February ransomware attack on Change Healthcare resulted in the theft of personal data from approximately 100 million individuals, standing up safe cyber strategies, investing in infrastructure, and — most importantly — being proactive about the growing threat is top of mind for businesses.
Even the biggest enterprises are putting their money where their mouth is when it comes to cybersecurity.
Per a Thursday (Oct. 24) report, Microsoft CEO Satya Nadella asked for, and received, a reduction in the cash portion of his pay after the U.S. government lambasted Microsoft for its “inadequate” cybersecurity strategies in the face of several high-profile breaches.
But even for firms that recognize the rising digital threat, the road to ironclad cybersecurity is anything but smooth. Transitioning to cutting-edge protocols isn’t just about upgrading a firewall — it’s a full-scale overhaul of existing systems, requiring investments in new tech, training for teams and a deep dive into best practices. For firms juggling tight budgets, the challenge is figuring out how to prioritize these upgrades before it’s too late.
And if today’s threats weren’t enough, with quantum computing lurking around the corner, firms need to watch out for tomorrow’s threats, too.
Read more: CFOs Suit Up for Cyberwar as Risk Management Evolves
Firms that want to stay ahead must act fast. Bank of America stressed earlier this month that, “If cybercrime damage were a state, it would be the world’s third-largest economy.” The global bank noted that the cost and prevalence of cyberattacks is growing alongside the increases in digitization and artificial intelligence (AI).
Still, security is far from a one-size-fits-all exercise and depends largely on how solutions are implemented.
“Boards have an increased responsibility for providing effective oversight of cybersecurity and technology risks,” Alicja Cade, director of financial services in the Office of the CISO at Google Cloud, told PYMNTS, saying this is especially true in financial services, where the regulatory environment is becoming more stringent.
Cade said she believes cybersecurity must be “baked into the DNA” of the business. It cannot be siloed within the IT department but must be integrated into every part of the organization, from business processes to leadership decision-making.
Payment firms manage sensitive financial data and execute millions of transactions daily. A breach in these systems could have devastating ripple effects — not only for individual companies but for entire economies. The global interconnectedness of payment networks and the scale at which they operate mean that vulnerabilities in these systems could be exploited rapidly and at massive scale.
“Fraud is growing as fast, or faster, than the pace that the overall B2B market is growing, so we have to fight hard to implement tools and stay ahead of it,” Eric Frankovic, general manager of business payments at WEX, told PYMNTS.
Read more: NIST’s Post-Quantum Cybersecurity Standards Ready for Enterprise Use
As of now, quantum computers capable of cracking current encryption protocols are still in the developmental stage. But experts warn that these machines could become commercially viable within the next decade. Given the time and resources needed to overhaul cybersecurity systems, firms cannot afford to wait until quantum computers are already in the hands of malicious actors.
With the news Thursday (Oct. 24) that the Pentagon’s chief information officer is focused on migrating the defense department’s systems to quantum-secure networks, the question for execs across the financial services and payments space is, should they be doing the same?
As PYMNTS Intelligence has found, a central challenge the financial services and banking industry now faces is the need both to leverage new technologies and to master the art of securing them.
Michael Jabbara, global head of fraud services at Visa, told PYMNTS last March that scammers have started to steal and hold onto encrypted data in preparation for quantum computing tools to enter the market and allow them to decrypt the information. This kind of threat is known as harvest now, decrypt later (HNDL).
Ensuring the upcoming quantum “leap” doesn’t leapfrog their own defenses is increasingly possible thanks to advances in technology and quantum cyber defense protocols from National Institute of Standards and Technology (NIST).
U.S cryptocurrency stocks fell in early trading Thursday (April 3) following the latest White House tariffs.
As Reuters reported, the sweeping new levies have left investors shaken, leading them to sell riskier assets. Bitcoin fell 2.3%, the report added, with ether down 3.3%.
While President Donald Trump appears more crypto-friendly than his predecessor, the report notes, wilder economic instability tied to the sector could still affect some companies. However, some analysts argue the price drops were less dramatic than in other industries.
“The price action highlights crypto’s hyper-democratic and borderless nature, allowing investors worldwide to hedge against the potential impact of macroeconomic uncertainties,” said David Hernandez, crypto investment specialist for 21Shares.
Crypto exchange traded funds (ETFs) could also see some retail investors who will be hunting for opportunities, Marco Iachini, senior vice president of research at Vanda Research told Reuters, adding that size of that flow could shrink in shakier conditions.
Trump’s latest tariffs, announced Wednesday (April 2) are a sweeping set of country-based levies. Though described as “reciprocal,” the president said that doesn’t necessarily mean parity, as many of the tariffs on U.S. trading partners settled at around half, or less: China was levied duties of 34%, the European Union 20%, India 26%, Switzerland 31% and Japan 24%, among others.
There’s also a 10% blanket tariff on imports, a 25% tariffs on automobile imports, and a similar tax on auto parts set to go into effect next month. This is on top of the tariffs the administration has already imposed on Canada, Mexico and China, and on automobiles, steel and aluminum.
“The implications are as vast as they are immediate,” PYMNTS wrote Wednesday. “From global supply chains to financial transactions, the recalibration of tariffs could have far-reaching consequences. As enterprises grapple with new realities, the relationship between tariffs and know-your-business (KYB) compliance has become intertwined.”
The report added that tariffs can incentivize companies to find new suppliers or partners, especially when trying to avoid higher costs.
“At the same time, when tariffs are imposed or adjusted, businesses must ensure compliance not only with customs regulations but also with broader compliance frameworks, including KYB,” PYMNTS wrote.
KYB has become a crucial part of corporate compliance, that report added, especially for financial institutions and multinational corporations managing complex supply chains.
“Increasing tariffs can create incentives for businesses to resort to fraudulent practices such as transshipment, undervaluation, or misclassification of goods,” PYMNTS wrote. “Robust KYB protocols are instrumental in helping to detect these schemes and safeguard corporate compliance and reputation.”
