Menu
Banking Exchange Magazine Logo
Menu

5 ways to fight cyber attacks

FS-ISAC warns banks to prep for destructive attempts

  • |
  • Written by  Website Staff
  • |
  • Comments:   DISQUS_COMMENTS
5 ways to fight cyber attacks

Financial institutions now have available a leading practices guide to improve their operational continuity and reduce risks associated with a destructive cyberattack.

Offered by the Financial Services Information Sharing and Analysis Center, the new publication focuses on the relatively rare but extremely harmful cyber attacks that seek not to just steal data but to cause catastrophic harm to a financial services entity.

Recommendations of group

In summary, the materials provided by a working group comprised of FS-ISAC, the National Institute of Standards and Technology, and other agencies include the following steps:

1. Identify—Gain situational awareness by identifying critical data, backup processes, and systems in the organization that are necessary for essential business functions. This should include where each comes from, where they are located, and where they are used.

Having a thorough knowledge of solution components, training, vectors, detection technology, ongoing risk assessments, monitoring, information sharing, and incident response keeps the enterprise in a continuous state of alert and prepares an organization to take action promptly, the group advises.

2. Protect—From network and endpoint security to system redundancy and backup to reputation management, a variety of controls are necessary for a comprehensive and robust security framework to protect corporate data and personally identifiable information.

3. Detect—Speed is essential in detecting malware when it enters a key environment, understanding the context, determining whether it is destructive in nature, and quickly assessing the full potential impact.

4. Respond—In the event of unauthorized access, the financial institution's computer systems could potentially fail, and confidential information could be compromised. Management must decide how to properly protect information systems and confidential data while also maintaining business continuity.

5. Recover—Financial institutions need to adjust their cyber incident response processes and playbooks to prepare for a destructive malware scenario where there is the potential of catastrophic business impact. They need to update mitigation strategies and align multiple parts of the organization including the executive team, communications teams, customer-facing departments, and business partners.

Using the tools

A destructive cyber attack is a unique threat in that it is both rare and yet potentially catastrophic. Such an attack can present a significant threat to an organization’s daily operations and business continuity; it potentially impacts confidentiality, integrity and availability of data, and can potentially thwart an organization’s ability to recover from an attack.

Bill Nelson, president and CEO, FS-ISAC says: "While destructive attacks are rare, financial institutions of all sizes should be prepared. We recommend that our members review their existing strategies to protect critical assets and have a complete plan for operational recovery to preserve data integrity against this evolving risk.”

Download FS-ISAC’s Reducing Risks Associated With Destructive Malware [executive summary]

Download detailed version in Excel for financial institutions from Financial Services Sector Coordinating Council

back to top

Sections

About Us

Connect With Us

Resources

Webinar: From KYC to IDV

How three leading banks are utilizing cutting-edge
digital tools to onboard, win, and wow customers

Time/Date: June 23, 2021 11:00 a.m. ET

Digital adoption, already moving at warp speed, accelerated seven years into the future during the COVID-19 pandemic. As the number of bank branches continues to fall, with at least one study predicting all branches will disappear by 2034 (Fox Business) and foot traffic declining (Vox), today’s most innovative banks are charting a new, digital-first path to win over customers while increasing security, meeting KYC compliance requirements, and winning customers to drive revenue.

In this webinar, you’ll hear from John Baird, Founder & CEO of Vouched, Tyler Crawford, COO of Bankers Healthcare Group, Anand Sathiyamurthy, CPO of Flagstar Bank and Daniel Sheehan, Chairman & CEO of Professional Bank as they describe their vision for digital transformation and how customer expectations are changing to digital first. They’ll also explore how fostering an innovation mindset creates new ways to tackle complex KYC problems and allows them to quickly compete in new markets and win customers.

REGISTER NOW!

This webinar is brought to you by:
Vouched Logo