Ray Pompon, director of security at Linedata, talks tech threats
The scale and frequency of cyberattacks on financial institutions is enough to take anyone by surprise. Even amidst a number of high profile attacks on global organisations, businesses and governments, there are still millions which go unreported. Recent research suggests that over 317 million pieces of malicious software were created in 2014: a number which will only continue to rise.
These attacks take a number of forms and the effects can range from inconvenient to disastrous for a business. Perhaps of greatest concern to most companies are those attacks which seek to exploit security vulnerabilities in order to access sensitive data, especially that belonging to customers. In the hands of cyber criminals, this stolen data can be used to commit financial fraud, identity theft and extortion. These attacks are inexpensive to carry out from anywhere in the world and offer criminals great reward for little risk. Whereas Distributed Denial of Service (DDOS) attacks, such as those perpetrated on a number of US banks over recent years, can incapacitate a website and cause inconvenience, the loss of customer data has much further reaching business and regulatory implications.
In the case of data loss, customers will invariably hold the institution to which they entrusted their personal information responsible. Those customers may become victims of identity theft and suffer personal losses as a result: consequences which can lead to a profound loss of trust and, often, anger with their financial institution. In a customer focused industry, the loss of these relationships can be irreversibly damaging in the long term.
In addition, US state laws mandate that organizations, including financial institutions, notify victims of data privacy breaches and the EU is soon to follow suit. This means that the reputational effects of data loss can be spread far and wide, therefore giving financial institutions an even greater incentive to ensure security is robust.
As an organisation with valuable data, there is a sense of inevitability about being the recipient of attempted cyber-security breaches. The focus of most companies must therefore be on how they react to attacks and ensuring robust processes are in place should an attack be successful.
To confront this unfortunate reality, a business must first have a clear inventory of its network in order to understand where valuable data is stored. In this way, the most sensitive data can be protected accordingly, for example by guarding it with multiple layers of less critical material. While any breach is undesirable, this tactic can prevent it from becoming disastrous and affecting the customer in an acute way.
For in-house security teams, there is also an obligation to modernise the firm’s approach to counter the volume and sophistication of cybercrime. In many organisations, there is a tendency to focus on operational controls and under-focus on day-to-day security work. Security personnel can often get distracted by tinkering with firewalls, anti-virus solutions, password settings, and vulnerability scanners. The reality is that security demands difficult, tedious and repetitive tasks like inventory, incident response, risk monitoring, and threat analysis.
Through meticulous and proactive security, in tandem with careful data management and inventory, financial institutions can build the resilience to withstand the new reality of cybercrime.