Three areas of focus for Financial Service CISOs in 2022
By James Mingard, Head of Retail & Finance at Maintel
Research suggests there has been a 1,300% increase in ransomware attacks on financial institutions, with the National Cyber Security Centre (NCSC) reporting that over a third of financial services firms were hit by ransomware in the last year – with attacks costing an average of $2.1 million.
Such weaponry is easily accessible to even the most junior of cybercriminals, who can engage underground ransomware-as-a-service almost as easily as any everyday SaaS solution. As such, there are thousands of computers scanning every internet-connected machine for vulnerabilities, and too often, they are easily found. For example, in March 2021, Microsoft revealed the exploitation of ‘zero-day’ vulnerabilities in its popular Exchange software, which could be used as a cypher for ransomware. The bottom line is that no organisation is safe.
With the pandemic only increasing the number of attacks levelled at financial services, this year must see cyber threat mitigation rise to the top of board priorities – not just in terms of the potential for financial loss. In the event of an attack, the Chief Information Security Officer (CISO) will have to answer for the loss of productivity, reputation and growing consumer concern around data privacy and the raft of laws that now govern this. There are three focus points CISOs will need to consider to ensure minimal risk and maximum preparedness in 2022.
1 – Zero compromise on Zero Trust
If they haven’t already, CISOs must adopt a Zero Trust mantra and instil this across the organisation. As PwC puts it, ‘Start by assuming that your users are already compromised’. Least-privilege access combined with behaviour monitoring must become ubiquitous, with NCSC urging companies to choose services designed for zero trust. New services such as PAM – Privileged Access Management – will be increasingly integrated into Zero Trust solutions, where user credentials and privileges are finely honed, controlled, and audited.
2 – Meet ‘Anywhere working’ with XDR
With the new ‘office anywhere’ working model, Endpoint Detect and Respond, which brings enormous value, must now evolve to support and secure the hybrid workforce. The evolution of the wider network fabric means that next-level eXtended Detect and Respond (XDR) solutions are really the only option. XDR is no longer a buzzword. As Forrester analyst Allie Mellen explains:
‘The evolution of EDR, optimises threat detection, investigation, response, and hunting in real-time. XDR unifies security-relevant endpoint detections with telemetry from security and business tools such as network analysis and visibility (NAV), email security, identity and access management, cloud security, and more. It is a cloud-native platform built on big data infrastructure to provide security teams with flexibility, scalability, and opportunities for automation.’
The XDR multi-layered (but, crucially, avoiding siloing) approach has the potential to match the multi-faceted, ever-more creative attacks launched by bad actors. It is a way to uncover the unknown gaps waiting to be exploited, and new gaps brought about by new working cultures. As highlighted by the Enterprise Strategy Group, 70% of organisations reported to them that an XDR budget would be set aside within the next 12 months. Nearly one-fifth reported an existing XDR project — for example, integrating EDR and network detection and response tools. It’s clear. XDR isn’t a passing fad, it’s not even the future. It’s the solution needed here and now.
3 – The rise of the ‘R’
Of course, approaches like XDR will continue to use novel applications of AI and ML to improve detection accuracy and provide a faster, more efficient incident response. The rise of the ‘R’, or Respond, will be a key differentiator and, as the liabilities grow, being able to react to IOCs – Indicators of Compromise – could mean success or failure. As research published in the Journal of Cybersecurity and Privacy explored, ‘traditional indicators of compromise may not always capture the breadth or essence of a cyber security threat or attack campaign, possibly leading to false alert fatigue and missed detections with security analysts’.