Cybersecurity is an enormous issue facing every industry, every company, everywhere. Banks and financial institutions of all sizes are particularly at risk from escalating cybersecurity threats. Addressing this cybersecurity challenge can be incredibly frustrating and exhausting. Even with substantial resources allocated to mitigating cyber threats, the fight can feel like an uphill battle with no end in sight as breaches keep occurring.
The new reality is that anyone on the planet with enough motivation can get access to tools and techniques that can cause massive amounts of damage to any organization – including yours. Here are five tips to keep in mind for managers of financial institutions who are working tirelessly to keep their enterprise and customer data secure.
Commit to the mission.
Financial institutions operate with many external forces putting pressure on their resources. They must integrate cybersecurity products and services that are compliant with government regulations and satisfy increasingly comprehensive audit requirements, while minimizing any adverse performance impact on customers or bank operations.
Trying to reconcile these factors can be daunting, particularly when organizations think they have found viable approaches to help tighten security, yet then can’t move forward because of new regulations or compliance requirements. The never-ending challenge is that by the time new standards and regulations are created, they’ve often already been defeated by new cyber-attacks. While you’re scrambling to implement solutions, the bad actors are working around the clock to defeat what’s being done. How do you evolve to more secure operations with this dilemma?
Just stay at it. New technologies and tools are available every day in the marketplace. Deeper understanding is emerging as the financial industry comes down the learning curve of assessing and addressing cybersecurity risks. Work with vendors who employ zero-trust principles in their offerings to ensure the methodologies provided consistently combat and stay in front of incoming threats. Diligent commitment to continuous improvement will eventually yield an effective cybersecurity posture for your operations.
Shift to a security-first mentality.
Building networks to connect everyone and everything, then “bolting on” defenses to secure them, obviously hasn’t worked well to achieve cybersecurity resiliency. Cybersecurity is about quality, and quality is about minimizing risk. There is simply no reliable way to “inspect” true quality into a system. To be effective, quality must be “built in” from the ground up. Try rethinking network operations from the perspective of requiring a secure network first, and then figuring out how to connect efficiently to it. This offers a mental picture of how to integrate cybersecurity as a core requirement of IT systems to create inherently more resilient and reliable operations that effectively address today’s (and tomorrow’s) threat environment.
Don’t look for a quick fix.
It is important to recognize that there is no quick and easy “fix” for cybersecurity at large. There are no “silver bullets” and there is no one security product or good behavior that will account for every potential threat. Similarly, maintaining “patches” is essential for continuous improvements of software and systems, but “patching” by its very nature is playing catch-up. It’s like fixing the bank vault and catching the robber after the bank has been robbed.
A reliable and resilient cybersecurity posture requires a defense-in-depth approach that integrates both proven methods and innovative capabilities. Understanding the vulnerabilities presented by an ever more interconnected world should be part of the ongoing cybersecurity process. IT managers and CSOs should continue to look for innovative solutions that can eliminate vulnerabilities, even unidentified ones, before they are exploited. Consider how much more effective (and less resource intensive) it would be to stop the next bad actor before a compromise occurs.
Segment your critical operations.
Segmenting critical operations that cannot withstand exposure to vulnerabilities is a well-proven concept for network operations. But its use may have become overshadowed by the excitement of interconnecting devices and the buzz of the Internet of Things (IoT). Assessing the risk profile associated with your operational use cases helps identify the critical operations that cannot withstand exposure to an open-protocol ecosystem, which are candidates for more robust virtual and physical segmentation. Rethinking your network architecture to segment your critical operational systems, minimizing or eliminating their exposure to Internet “cloud” vulnerabilities, can enhance cybersecurity posture as well as operational efficiencies.
Effective selection of segmentation technologies requires careful thought about how they map to the risk profile of a particular use case. For example, though software-defined approaches may be sufficient for general-purpose, public-facing operations, they also allow for exposure to open-protocol internet vulnerabilities. So, the risks may outweigh the benefits.
This approach to segmentation is a catalyst for many more questions about what to do next – and how to secure a network. For instance, while blockchain solutions may offer transaction audit trail efficiencies, are they sufficient to fully isolate from “cloud” vulnerabilities with efficiency at scale? How can security cameras, alarm systems, HVAC systems and other operational technologies (OT) be securely protected from connection to the information technology (IT) network? How can we use our systems as well as our software to more effectively segment critical operations from cybersecurity vulnerabilities? A “defense-in-depth” approach answers these questions by offering a path for thinking through a viable selection of segmentation architectures and tools.
Finally, go back to the fundamentals.
Addressing cybersecurity challenges boils down to taking a step back and re-examining your operations, architecture and use cases holistically to understand where risks can and cannot be tolerated. In doing so, you’ll discover practical ways to improve your cybersecurity posture by improving the processes, tools, and systems you already have, without major expense or disruption. Gaps that warrant the application of virtual and physical segmentation, new zero-trust tools, more advanced technologies such as SDN and blockchain, and other means may become more apparent. Adopting a “defense-in-depth” approach to solutions, with a commitment to diligent continuous improvement, offers a path to a more reliable and resilient cybersecurity future.