The recent wave of job cuts has sliced into the talent pool of professionals in the cybersecurity industry, opening a door in the finance sector between cybercrooks and the full array of someone’s online accounts.
From banking, trading and investing to the emergence of digital assets like bitcoin and Ethereum, the bulk of even the most basic transactions today are usually done online.
Edward Moya, a senior market analyst at OANDA in New York, told FOX Business, "Cybercrime is expected to surge over the next few years."
"While every industry has been vulnerable to ransomware, financial firms are prime targets and must invest in making sure they have protection against the latest attacks," he added. "Cybercriminals are known for fraudulent credit card purchases, but it could get much worse as they may now try to drain entire bank accounts."
Data compiled from a recent survey of more than 1,000 cybersecurity professionals in the U.S. and parts of Europe by Cobalt, a cybersecurity and "pentesting" (i.e., penetration testing) company, showed that more than 77% of U.S.-based respondents said their department conducted layoffs, while 63% expect their department to continue layoffs in 2023.
According to the survey, the layoffs are now affecting the mental health of cyberprofessionals as 95% of those who encountered layoffs or budget cuts said their role has changed; 60% said they were experiencing burnout and 50% said they want to quit.
In an interview with FOX Business, Cobalt Chief Strategy Officer Caroline Wong said, "Trust and credibility are the cornerstones of banking, trading and digital assets, so it is vital for banks to communicate to their clients that they are reliable and responsible when it comes to protecting customer data and personal information."
"Chances are, if an online banking or trading platform were to suffer from a security breach, their clients may have a hard time continuing to trust that organization with their money and personal information," she continued. "And as the digital revolution continues to expand, risks associated with cybersecurity vulnerabilities will increase."
Wong said crypto investors have good reason to be concerned.
"Last year, $1.4 billion was stolen as crypto investors were hit with hacks and scams," she said. "Some of these vulnerabilities exist in blockchain bridges, which are systems that can help investors trade faster and with fewer system protection methods."
Blockchain bridges are targets for scammers due to their lack of application security controls.
According to the survey, most U.S. respondents were from the information technology and services sector at 41% while 14% were from the computer software industries.
Meanwhile, respondents from the United Kingdom and Germany showed that 41% were from information technology and services and 16% were from computer software industries.
In 2022, Cobalt performed more than 3,100 penetration tests across various industries, including SaaS (i.e., software as a service), insurance and financial technology, uncovering more than 16,000 security vulnerabilities found in online platforms.
"Stay vigilant," Wong said.
"Be wary of untrusted individuals asking for private information, especially if they claim to be associated with a new service or product that you’re unfamiliar with," she continued. "Install software updates when they are available and use MFA [multifactor authentication] for all of your important online accounts."
"If you’re less tech-savvy, don’t hesitate to reach out to a family member or friend who may be able to help you get in contact with the right folks," Wong said.
Smaller budgets equal smaller security teams as 63% of cybersecurity professionals say their department has already had its budget cut in 2023.
According to the survey, 58% cited feeling burned out in 2022, with 50% threatening to quit their jobs if burnout persists.
The data also showed key vulnerabilities are being left unchecked as 79% of cybersecurity professionals say they're deprioritizing to-do list items just to stay afloat and 89% report their workloads are harder to manage.