Q&A with Yuval Wollman, President, CyberProof, a UST Company
- What is the state of cybersecurity in today’s financial services landscape in the wake of Covid-19?
With increased internet activity and a rise in online transactions, we witnessed an accelerated shift towards digital amid the Covid-19 pandemic. In turn, this increased the opportunity for threat actors to target banks and other financial institutions, most of which were already struggling to adapt to an unprecedented level of digital transactions during a destabilising global pandemic.
The financial services sector was under prepared, as were many other industries. Cyber criminals recognised that data security measures in place were not robust enough, nor fit for purpose, to prevent them from carrying out successful cyber-attacks.
Indeed, the number of cyber-attacks on financial institutions increased significantly over the last two years. Earlier this year, a BAE Systems report found that 74% of financial institutions in the UK and US experienced a significant spike in threats linked to Covid-19. Furthermore, at a Congressional hearing in May 2021, senior executives at some of the largest US banks identified cybersecurity as the greatest threat to America’s financial system.
- How are financial services consumers being affected?
At a time of deep financial insecurity, we saw sophisticated never-before-seen scams which played to the vulnerabilities of consumers and smaller companies alike. In March 2021, it was reported that across England, Northern Ireland and Wales £34.5m had been stolen in Covid-19 related scams since 1 March 2020. Bank loan scams and related attacks increased by 42% during the pandemic, with cybercriminals taking advantage of the sharp increase of online transactions. As consumers continue to maximise online shopping, there has also been a rise in Man in the Middle Attacks (MITM), which impersonate another party online and give criminals access to personal passwords, data and banking details.
To combat these trends, and as digital finance continues to evolve, there is growing demand for the development of consumer protection laws. Consumers have rightfully become increasingly concerned about cyber-attacks and the security of their data; governments are recognising this and working alongside banks to develop laws which are sufficiently robust to respond to rapidly evolving technology. For example, in the US, the Federal Trade Commission recently strengthened security safeguards for consumer financial information.
- What are 3 best practices financial services firms should follow?
- An agile approach, including continuous improvement of use cases
- Financial organisations must adopt an agile approach, centred around accelerated detection and response, which can be improved and adapted on a rolling basis. This will facilitate the proactive identification of evolving threats and vulnerabilities to their systems.
- They should start by mapping out their threat detection gaps to a framework such as MITRE ATT&CK, by placing an emphasis on use case optimisation. This process enables financial organisations to prioritise threats accordingly and invest their time and resources into mitigating risks more effectively.
- The development and regular review of incident response plans similarly allows for efficient response in emergency situations and helps reduce the business impact of cyber-attacks.
- Targeted threat intelligence
- Another key component of timely detection and response is threat intelligence that’s tailored to the financial services industry. By working with expert Cyber Threat Intelligence (CTI) services, organisations can obtain up-to-date information about industry-specific threats in real time – information that is a highly valuable tool in strengthening the defence of an enterprise.
- Maintaining strong cyber hygiene
- Financial organisations must recognise the power and potential consequences of human error, and mitigate the risks that poor internal cybersecurity practices bring about. Clicking on a phishing SMS or using the same passwords across all platforms is a simple mistake which can yield astronomical damages.
- Learning to recognise these threats can easily be achieved through providing your employees with regular cybersecurity training programmes. These programmes should not only explain how to identify risks, but also how and where it is safe to access sensitive company information.
- How can cyber risks be reduced when migrating to the cloud?
Significant customer demands are leading more and more banks to transition from legacy technology to cloud-based solutions. Whilst the digital transformation of financial services helps banks to offer enhanced user experiences, they must recognise that there are risks involved. With cloud-based solutions set to dominate the financial services sector, there is a strong need for additional security layers to be implemented during the transition process.
Enhanced threat detection and response capabilities will help ensure optimal visibility in the cloud during the migration process. Digital playbooks are an essential tool in providing clear detection and response, creating both automated and guided responses that allow for faster and more effective collaborative action.
- Should financial organisations be concerned about third-party risk?
Security — both cyber and physical solutions — helps secure an entire branch footprint, alleviates risk, ensures operational compliance, and improves fraud investigations. Analytics, threat management platforms and more can provide organisations with intelligence and unprecedented protection from fraud, all while enhancing the customer experience. Often though, these services are outsourced to third-party vendors, which enlarge the attack surface and create more entry points to the system, making it harder to protect valuable customer data.
It is key to understand that there are significant benefits to collaborating with external vendors to facilitate digital transformation, but it must be meticulously managed and overseen by internal structures. Here at CyberProof, we’ve seen that by bringing various in-house leaders, technologies and strategies together, we can more effectively identify threats and trends, and quickly access important data to ensure security and safety goals are realised in an end-to-end manner.
CyberProof, a UST company, is a security services company that helps organizations to intelligently manage incident detection and response. Our advanced cyber defense platform enables operational efficiency with complete transparency to dramatically reduce the cost and time needed to respond to security threats and minimize business impact. SeeMo, our virtual analyst, together with our experts and your team automates and accelerates cyber operations by learning and adapting from endless sources of data and responds to requests by providing context and actionable information. This allows our nation-state cyber experts to prioritize the most urgent incidents and proactively identify and respond to potential threats. We collaborate with our global clients, academia, and the tech ecosystem to continuously advance the art of cyber defense. CyberProof is part of the UST family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services. For more information, see: www.cyberproof.com
For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through digital transformation. With more than 26,000 employees across 25 countries, UST builds for boundless impact—touching billions of lives in the process. Visit www.UST.com