The cyber landscape is constantly evolving and staying ahead of these threats is a never-ending job. Market data and risk analysis firm, Thomas Murray, recently hosted a webinar featuring 杰森·哈勒尔, 存 Managing Director, Operational and Technology Risk and Head of External Engagement. The discussion centered on the most important cyber issues impacting the financial services industry and the importance of a robust cybersecurity approach.
Related: Best Practices for Managing Extreme Cyber 事件
面对新的网络威胁
Cyber risk is of critical importance across sectors, 行业及地区, and impacts all areas of the organization, 包括高级管理层. Harrell commented on the top three emerging threats cyber professionals face today:
- 供应链攻击: The financial services sector will continue to experience cyber-attacks against its third parties. Critical service providers deliver services to several financial firms and a breach of these services could create systemic impacts.
- Emerging Technology Vulnerability: The introduction of new and emerging technology may modify existing risks or create new risks that need to be identified and managed.
- 物联网: The seismic shift toward working from home in recent years has introduced new potential ways to breach networks. Many homes have internet-enabled devices. 这些设备, 如果妥协, could gain access to the workstations utilized to access to the corporate network.
Enhancing 操作弹性
In response to these threats, firms must concentrate on their operational resilience. Because breaches are inevitable, financial institutions should increase their focus on building the capabilities needed for a rapid but safe recovery. To enhance operational resilience, there is a growing need to enhance information-sharing channels between financial institutions and financial authorities. Given the increased use of third parties by financial institutions to provide financial services, these institutions must also increase the rigor of third-party and supply chain risk management.
Related: Why Cyber Advocacy Is a Pivotal Step for Cybersecurity Efforts
量子困境
What is the exposure of encryption and the impact of quantum computing? While today’s encryption methods use algorithms designed to be impenetrable for thousands of years, the quantum-based computers of the near-future could break these codes in mere seconds. 存最近的白皮书, Post-Quantum Considerations for the Financial Industry, explores the risk of 帖子-quantum technology and the initial steps to begin industry preparedness.
Creating A Culture of Security
Resilience is inclusive of more than IT and business continuity organizations. Senior management needs to understand and provide a governance model that allows the organization to build its capabilities in line with financial authorities’ expectations. The best way for firms to prepare for cyber-attacks is through understanding and documenting critical business services that institutions provide to clients, as well as the people and processes of third parties that deliver the services.
测试,测试,再测试
Harrell emphasized the importance of 测试ing by stating: “Firms should conduct scenario 测试ing to understand the impact of severe but plausible events to critical business services, build capabilities to mitigate the impact of these scenarios, 最后测试一下, 测试, 测试 to decrease the operational friction when these events occur and increase the muscle memory of these groups to respond to these events.”