Breaking
December 11, 2024

Banking | Three strategies for winning the cybersecurity arms race | usagoldmines.com

As cybersecurity attacks against financial institutions continue to escalate, banks and other financial organizations must take proactive measures to protect themselves and their data. Here are three strategies they can use to guard against potential intrusions.

A 2020 report by the Federal Reserve Bank of New York (FRBNY) modeling the potential impact of a cyber attack on a single U.S. bank predicted troubling outcomes that still loom large in today’s rapidly evolving threat landscape. The model estimated that a one-day attack on a top 5 US bank would impact 38% of U.S. financial institutions. Worse, an attack perpetrated against a large bank and a group of medium and smaller banks would impair an average of 60% of banks by assets.

Since the report was issued the financial services sector has become one of the top 5 industries for cyber attacks – and banks and hackers have both become more adept at using technology to achieve their objectives. Today, 98% of financial institutions are using some form of cloud computing, up seven percentage points from 2020, and banks are heavily investing in artificial intelligence (AI). Meanwhile, hackers have succeeded in creating AI-built phishing schemes and effectively using edge devices for Distributed Denial of Service (DDoS) attacks.

How can banks win this cybersecurity arms race and ensure resiliency in the face of possible attacks? This can only be achieved through collaboration, automation, and standardized controls for more secure cloud deployments.

Collaborate: make intelligence sharing a key defensive weapon

Organizations in the financial sector believe that an attack on one is an attack on all. Thus, many financial institutions around the world have committed to sharing intelligence about threats and vulnerabilities to protect the infrastructure of the entire financial system.

Their efforts have been buoyed by frameworks and guidelines that have been created to improve information-sharing on cybersecurity incidents within the financial industry. For example, the Switzerland-based Financial Stability Board’s Achieving Greater Convergence in Cyber Incident Reporting features 16 recommendations on the collection and sharing of cybersecurity information between financial institutions. In the United States, the Securities & Exchange Commission’s cybersecurity rules require registrants to disclose cybersecurity incidents and the steps they took to mitigate those incidents.

The calls for greater transparency herald a new age of collaboration among banks. While intelligence-sharing across borders remains difficult to do in Asia, where geopolitical dynamics often hamper regional data exchange, it’s become more commonplace and easier to do in insular environments like the European Union (EU), the United States, and other countries. These areas are leading the charge for better cybersecurity within the financial sector, and technology plays an important role in their efforts.

Automate: Reduce attack response and remediation times

The Digital Operation Resilience Act (DORA) is a great example of a government mandate that puts technology at the forefront of risk management. Although created specifically for the European financial sector, it serves as a good cybersecurity blueprint for financial services organizations in all countries, including the U.S.

DORA calls out “the existing high level of interconnectedness across financial entities, financial markets, and financial market infrastructures” as areas of concern. Like the FRBNY report, it notes that localized cyber incidents could quickly spread throughout Europe’s entire financial system.

According to the EU, one way to prevent this from happening is to contain the damage by “implementing automated mechanisms to isolate affected information assets.” Financial organizations must be able to quickly and automatically identify the source of an attack, isolate and remediate it, stop it from spreading, and recover quickly.

Security managers can work with developers to create automation protocols designed to detect and prevent intrusions, build and maintain enterprise firewalls, and more. For example, open-source projects like the Ansible infrastructure-as-a-service platform offer simple-to-use, pre-built playbooks that let teams quickly create automated security tasks. Once deployed, these tasks can help financial organizations significantly reduce the time it takes to discover and contain potential intrusions and remain resilient in the wake of an attack.

Standardize: Unify cloud controls for better resiliency

DORA also cites the “potentially severe” risk to the financial services industry if a cloud service provider that hosts many banks were to become compromised. Indeed, the issue of cloud concentration risk – the danger that a security breach of a single cloud service could result in potential disruptions and data breaches for many organizations – is a real concern that must be addressed.

Yet again, the open source community, along with members of the financial community, is addressing this issue by creating cloud security controls. In 2023, the Fintech Open Source Foundation (FINOS) announced a collaborative project to standardize controls for public cloud deployments in the financial sector. The goal, according to FINOS, is to “develop a unified set of cybersecurity, resiliency, and compliance controls across the major cloud service providers.” Many financial institutions, including Citi, Morgan Stanley, the Royal Bank of Canada, and others are involved in the project.

The FINOS project is just one example of the open source community’s efforts to provide all organizations, including financial institutions, with better security and control over cloud deployments. The efforts stem from the community’s unwavering commitment to transparency, intelligence-sharing, collaboration, and using cutting-edge tools to mitigate risks.

It’s not a coincidence that these are the same ideals that the financial services industry is also embracing. They are, after all, the core tenets that will protect all organizations against escalating cybersecurity risks, and they are the keys that will help financial institutions stay secure and resilient against current and future threats.

 Financial institutions are grappling with increasing cybersecurity threats due to heightened cloud adoption and technological sophistication. To combat these challenges, financial institutions must take proactive measures to protect themselves. Red Hat’s Dr. Richard Harmon provides insight on three key measures that can mitigate risk: collaboration, automation and standardization. Banking, cybersecurity, Guest Post, Home, News, cyber attacks 

Recent:

Banking | Brazil’s QI Tech achieves unicorn status with recent $50M series B extension | usagoldmine...
Banking | LendingClub exceeds expectations in strong Q1 earnings | usagoldmines.com
Banking | Neobank Era Ushers in New Wave of Competition in Mexico | usagoldmines.com
Banking | UK neobank Revolut gets Mexico banking license, eyes remittances | usagoldmines.com
Banking | Nubank partners with Wise to bring global account to affluent Brazilians | usagoldmines.co...
Banking | Three Technologies Banks Will Invest More in This Year | usagoldmines.com
Banking | Pinwheel’s Power of Primacy report exposes myths | usagoldmines.com
Banking | Fighting cash: Nubank seeks partners in Mexico | usagoldmines.com
Banking | Alkami model identifies the four stages of digital maturity | usagoldmines.com
Banking | Latin America’s Banking as a Service Market to Reach $2B in 2024 | usagoldmines.com
Banking | Banking for the Unbanked: How BaaS is Driving Financial Inclusion | usagoldmines.com
Banking | Argentine Banks file complaint against Mercado Libre over its fintech business | usagoldmi...
Banking | Banks slowly preparing for AI, open banking: Sopra Digital Banking Experience Report | usa...
Banking | Nubank’s Credit Loan Strategy: How It Works | usagoldmines.com
Banking | Synapse is a huge black eye on the industry but let’s not paint all of fintech with the sa...
Banking | Study reveals half of Brits are now more wary of online banking, with online fraud a key c...
Banking | Rising digital spending among findings of Alkami, Cornerstone Advisors report | usagoldmin...
Banking | Digitalization Can Become a Magic Wand for Banks in the Era of Strict Regulation | usagold...

Leave a Reply