Cyberattacks on financial services institutions are becoming increasingly sophisticated and frequent. By using stolen legitimate credentials and malware to disguise criminal activity, these breaches can remain undetected for some time, making the financial impact irreparable. Take the recent attack against the central bank of Bangladesh, for instance, that not only made global headlines, but to date has cost the bank $81 million.
Professionals in the financial services sector are well aware of such risks. The Financial Services Edition of the 2016 Vormetric Data Threat Report surveyed 1,100 senior IT security executives at large enterprises around the world, including over 100 U.S. financial services organizations. The report found that 90 percent of respondents feel vulnerable to data threats, and 44 percent have already experienced a data breach - with nearly one in five (19 percent) indicating they had experienced a breach in the last year. This just goes to prove the sentiment, “it’s not if you will get hacked, but when.” To which we can add, “and how quickly you learn about it.”
Where should financial services IT teams start in better defending their networks? From sports fields to battlefields, there’s an adage that has been used for centuries that states “the best defense is a good offense.” The idea behind this theory is that having a proactive offensive attitude (rather than a reactive defensive posture) is the best way to keep the opposition occupied and limit their ability to conduct an attack.
This strategy can also be highly effective in the business world, specifically for cybersecurity teams at large financial institutions. Cybersecurity professionals who are able to step away from the defensive side of security and think like a cybercriminal will likely be better prepared to put solutions and strategies in place to protect their data.
Here are some questions financial services IT professionals should ask themselves to put them in the frame of mind of a cybercriminal in order to better their defense:
Before an attack is launched, cybercriminals will evaluate the landscape and identify areas where they can prosper the most. The financial services industry is consistently at or near the top of cybercriminals’ lists because, quite literally, it’s where the money is.
However, aside from seeking out customer information to commit fraud, cybercriminals see value in stealing data like bank employee email addresses and passwords. With this information they are able to pose as an employee to infiltrate the bank and commit theft. By understanding the industries that are commonly attacked, and the ways attackers try to get in, cybersecurity teams will be better prepared to put an effective strategy in place and make the investments where necessary to match the capabilities used by criminals.
As the network expands, so does the attack surface. With the proliferation of mobile devices in the workplace, employees working from remote locations, etc., today’s cybercriminals have more opportunities than ever before to find ways into targeted networks. Additionally, when financial institutions acquire a company to expand their presence, they typically acquire the disparate technology that comes with it, often adding complexity to the organization’s security posture. All of these components equate to challenges that need to be addressed.
However, nobody knows the network and its vulnerabilities better than those who have put it together in the first place.
IT security professionals in financial services should look for openings in their own defense via white hat hacking and penetration testing. Since there isn’t a single piece of technology that will be able to stop every threat, those cracks in the system that are both easy access points and lead to sensitive data should be the ones focused on first. Remember, cybercriminals are just human beings looking for the fastest and most financially rewarding way to do their jobs.
It’s also important to remember that employees are a part of the system as well. An employee who is uneducated about security can be just as dangerous to data as any other digital or physical entry point. One way to test for employee vulnerabilities is to simply conduct test attacks. Many CIOs will send out fake phishing attacks to see if their employees will provide login credentials or click on malicious links. If a high number of employees fail the test, security teams know it is an area that demands added focus.
Cybercriminals are always looking for new ways to penetrate networks. IT security teams should be doing the same as well. By conducting threat intelligence research, cybersecurity teams will be able to better monitor existing vulnerabilities and identify new threats before they take hold within the network.
Once IT teams begin to like cybercriminals they are better prepared to proactively and offensively implement robust strategies to defeat attempts at compromising their networks:
For the financial services sector, cybersecurity is one of the primary business imperatives that firms must put front and center to not only safeguard their clients’ financial data, but to also serve as a business enabler and drive innovation to stay ahead of the growing threat landscape.
Financial services IT teams that think like cybercriminals will be able to take an offensive approach to security. Understanding what makes the organization an attractive target, and how malicious actors will attempt to gain entry will lead to a more secure network and reduce the number of costly data breaches that impact the organization. Implementing these best practices will enable secure services that deliver the peace of mind that their networks are secure and protected from even the most sophisticated attacks.
Let’s get a conversation going on Twitter! Have you ever thought like a cybercriminal to prevent a data breach?