In 2014, IBM named financial services the industry most vulnerable to cyber attacks.

Since then, the financial services industry has sought solutions to fight such cyber attacks. It has dropped from the most to the second most vulnerable after the healthcare industry. Nevertheless, current cybersecurity statistics for the industry still aren’t promising.

95% of the top 20 U.S. commercial banks received grades of “C” or worse for their network security in 2016. Of the 20, only Bank of America received an “A.”

The same report found malware events in every one of those 20 commercial banks in the past year.

These statistics aren’t limited to just commercial banks. Asset management firms and investment banks had similarly dismal cybersecurity results.

Financial institutions that have disclosed significant data breaches include E*TRADE, Bangladesh Bank, and Scottrade.

Data breaches in the financial sector are expensive. Costs reach an average of $141,249 per incident.

The Ponemon Institute’s 2016 Cost of Data Breach Study suggests that the healthcare and financial service industries have the most costly data breaches because of “fines and the higher than average rate of lost business and customers.”

The study also found that financial services industry had the third highest per capita cost after the healthcare and education sectors, coming in at $221 per person.

With this significant loss at hand, the financial services sector has to play catch-up when it comes to cybersecurity. Hackers’ techniques advance much more quickly than financial institutions’ defenses.

Thankfully, it’s not all doom and gloom.

The increasing awareness of cybercrime should lead to improvements in financial services’ cybersecurity.

The SEC chair, Mary Jo White, says that cybersecurity is the “biggest risk facing the financial system.” She has pushed for more financial services institutions to assess their defenses against attacks.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is already working to educate banks on cybersecurity.

Research suggests that cybersecurity is becoming more of a priority. Financial institutions are making efforts to improve both their response and overall security programs.

There are plenty of ways financial institutions can improve their security.

Here are our top three recommendations:

  1. Dedicated Threat Management Team

Having a team or task force in place at your company to track cybersecurity can reduce cyber attacks.

A threat management team can test for vulnerabilities in the system and work to repair them.

They can also work with employees to help identify and combat internal security concerns.

  1. Multi-Factor Authentication

Multi-factor authentication only allows a user access to a site after they have input at least two pieces of evidence of eligibility.

The most common kind is two-factor authentication, known as 2FA. In 2FA, users might input a combination of a site password and a code sent by SMS to their mobile phone.

  1. Biometric Cards

Biometric cards can help combat fraud and identity theft. With this technology, only the authorized account holder can make withdrawals. There’s less issue with card cloning when a fingerprint is necessary to make the card work.

International markets have already begun to adopt biometric cards.

One example of a biometric card is Macate’s Gardevant.

The Gardevant Card is a patented, encrypted, and multimodal biometric card. It authenticates, verifies, and protects cardholders’ identities. With Gardevant, every purchase is secure, because it requires a fingerprint each time.

Learn more about the Gardevant card at Money 20/20.

And tune in next week for a post on how cybercrime affects the healthcare industry.