Banks must collaborate through public and private partnerships to mitigate cybersecurity risk, according to the Office of the Comptroller of the Currency (OCC).
During a speech this month at a joint meeting of the Financial and Banking Information Infrastructure Committee and the Financial Services Sector Coordinating Council, Michael J. Hsu, acting comptroller of the currency, said cyber-attacks against financial institutions and their service providers have increased and evolved in recent years.
Disruption to financial services can affect banks’ ability to deliver critical services to their customers and has the potential to impact the broader economy.
Hsu suggested banks must assess how a cyber incident would impact their institution as well as the disruption it could cause to the broader financial system.
Most cyber-attacks are financially motivated, but Russia’s invasion of Ukraine has highlighted how geopolitical tensions can further increase cyber risks to the financial sector.
“In the lead-up to, and escalation of, hostilities, firms in the region were targeted with destructive cyber-attacks that had the potential to delete information permanently and disable operations,” Hsu said.
As the attacks were not financially motivated, they could not be mitigated by a ransom payment or insurance coverage, prompting Hsu to call on the industry to improve its collective defences.
Hsu also noted the importance of investing in processes to ensure the effective design and configuration of infrastructure and patch management applications.
If preventive controls are not sufficient to safeguard against a cyber event, financial institutions should use effective incident response processes and rapid recovery, according to Hsu.
Establishing controls to safeguard the integrity and availability of critical data against the impact of destructive malware is key. “We have observed that the integrity of backup systems for critical data has greatly influenced banks’ ability to respond to ransomware and other malware events,” said Hsu. He concluded that banks must collaborate and utilize information-sharing forums, which give community banks access to current threat information and best practices to guard against these threats.