Financial service organisations are more at risk than ever before in 2015 as highly skilled, elusive threat actors continue to initiate scalable cyberattack campaigns taking advantage of a complex and constantly evolving digital environment. Major hacks of financial service companies this year have ranged from billion dollar bank heists to infiltration of national pension data. The scale of these attacks sends a clear message to all financial organisations, or for that matter any business dealing in financial data, that they need to ensure their cyber security systems and monitoring procedures are as robust and proactive as possible. But what distinguishes an organisation with mediocre security systems and procedures from one that leads the way?
Weak points in financial cyber security
Perhaps one way to get a grasp of what constitutes strength in a cyber security system is to look at where financial organisations often go wrong with their strategy, outlook and set-up. Common weak areas within organisations that have been hacked often include the following:
- Lack of a unified approach to processes and methodologies
It’s often materialised that financial organisations affected by successful cyberattacks were operating disjointed threat-monitoring activities. This could entail, for example, monitoring activities spread across multiple locations, maintained by different internal and external stakeholders or hosted across multiple systems. Disjointed threat-monitoring of this kind inhibits the ability to gather and manage cyber risk intelligence, therefore impeding the ability to recognise and respond to emerging new threats.
- Cyber security seen as an IT issue
Cyber security breaches can have a catastrophic impact on a financial organisation’s reputation, brand and, of course, its bottom line. Viewing cyber security as a specific department’s concern is a short-sighted and parochial approach that can also be incredibly costly. Cyber security needs to be at the heart of the organisation’s operations and cyber security guidance needs to be taken on board at the highest levels of management. Financial services can check here and see what type of cybersecurity will be needed and how they can best apply it.
- Systems set to meet minimum levels of industry compliance
Typically, many financial companies hit by cyberattacks have been found to be running information security systems that are designed to meet the minimum levels of regulatory or industry compliance. As a result, these organisations are failing to identify the broader risks to their business and to implement the appropriate safeguards. Such organisations are poorly prepared to anticipate cyber threats and devise appropriate strategies in advance.
- Lack of tools offering a bigger picture of the threat landscape
Common cyber security strategies are often focused on identifying and reacting to threats in isolation. Often the tools at disposal only help the organisation to identify specific types of patterns & unusual network traffic, whilst failing to alert teams to emerging types of threats.
Leading approach to cyber security in the financial sphere
Organisations leading the way in preventative steps against emerging cyber threats often share the following similar characteristics:
- Consideration for every aspect of the cyber perimeter
Financial organisations with successful cyber security strategies have usually considered every avenue of risk including all third-party relationships and information flows. Perimeter analysis includes trusted business partners, outsourced data centres and the cloud.
- Identification of all assets
Organisations that are more successful in fending off cyberattacks usually know what data is most critical, where it is located and who has access to it at all times. Senior management are aware of which assets are most critical to the organisation and have conducted investigations and analysis into the threats posed to those assets.
- Implementation of continuous cyber threat monitoring
Leading organisations continuously perform assessments of vulnerabilities to internal and external assets. Common processes and methodologies are used to increase the organisation’s ability to gather and manage cyber risk intelligence.
- Robust cyber risk management
Financial organisations with leading edge cyber security also regularly feature a senior management team who take full ownership of cyber risk management and understand its vulnerabilities, controls and interdependencies with third parties. Employees in these organisations demonstrate a high level of cyber awareness.
Summary
Financial organisations most at-risk of a cyber security breach share commonalities including lack of unified processes and a parochial view of the threat landscape. Financial organisations need to place cyber security at the heart of their decision making and strategy to fully minimise the risk posed by today’s sophisticated hackers.
About the Author
Mike James is part of the IT team at Redscan Ltd – a managed threat detection and security services company.