OFFICIAL PUBLICATION OF THE VIRGINIA ASSOCIATION OF COMMUNITY BANKS

Pub. 11 2022 Issue 3


How to Enhance Your Bank’s Defenses with a Holistic Cybersecurity Approach

It’s no secret that financial institutions remain attractive targets for cybercriminals due to the amount of sensitive data they hold. Cyber threats and attack vectors are ever-changing, especially due to the current geopolitical climate. As a result, banks should embrace a holistic cybersecurity approach to strengthen their defenses against these evolving threats.

While the prevalence of cyberattacks has led many consumers to become desensitized to the potential risks, your bank cannot afford to become numb to the looming operational and reputational risk. According to IBM’s 2021 Cost of a Data Breach Report, the average cost of a breach in the financial services industry was nearly $6 million.

Here’s the unfortunate truth: Your bank cannot rely on a single solution to protect against every attack. But a holistic strategy that includes layers of defenses offers the best protection against cybersecurity threats for your entire IT environment.

Five Components of a Holistic Cybersecurity Approach

The more security layers you have, the more difficult it becomes for cybercriminals to successfully infiltrate your systems. The following cyber hygiene tips aren’t exhaustive, but they do demonstrate how to mitigate cybersecurity risk by deploying overlapping layers of defenses.

  1. Educate Your Employees
    While technology can stop a breach once detected, preventing a breach altogether through effective cybersecurity training will always be the better strategy. Your employees are on the front lines of this fight to prevent attacks, and you should prioritize training them to identify and respond to the latest social engineering tactics.

    Educate employees on the evolving threats and ensure they know steps to take if they encounter a suspicious email, message or person. Consider providing cybersecurity training to your customers to further mitigate cybersecurity risk.

  2. Update Your Security Policies
    As employees work remotely and institutions adopt cloud-based technology, systems operate and interact with increasing complexity. Because of this, security policies don’t always align with new technology.

    Reviewing and ensuring internal compliance with necessary security policies will strengthen your cybersecurity posture. For example, your bank may have proper policies in place, but these policies should be reviewed after implementing new technology, such as a migration to a cloud environment.

    Additionally, ensure your software is up to date and expedite the installation of patches to decrease the risk of exploitation. If vulnerabilities are publicly known, hackers will try to take advantage before patches are implemented.

  3. Ensure Complete Visibility with Cybersecurity Monitoring
    In today’s cybersecurity landscape, your bank must avoid any blind spots in your monitoring. You need a holistic view of your environment, or you could miss security incidents that signal meaningful suspicious activity. Technology like anti-virus tools provides a basic level of monitoring but doesn’t offer the same protections as advanced solutions.

    Endpoints often have fewer safeguards than servers or other larger equipment, making them a popular target for cybercriminals. Endpoint detection and response (EDR) monitors specific endpoints for anomalies and blocks the spread of malware. Security Information and Event Management as a Service (SIEMaaS) is another powerful solution that collects and holistically reviews logs from devices throughout your technology environment, such as firewalls, anti-virus solutions and endpoints.

    With a holistic view, you can monitor and resolve incidents occurring within your network. Regulators are even beginning to implement requirements associated with visibility to ensure comprehensive monitoring of the entire network.

  4. Limit Privileges and Segment Access
    In addition to comprehensive monitoring, limit the number of employees with access to sensitive data by appropriately assigning and monitoring security rights and privileges. Institutions should review existing privilege controls for all users and ensure the level of access is appropriate.

    Allowing employees to access only the data and systems necessary to execute their day-to-day tasks will limit the actions cyber criminals can take if they gain access to the system. Segmenting access and restricting scope help mitigate the effects of malware should an attack occur.

  5. Require Strong Passwords and Multi-Factor Authentication
    Your bank should implement strong password requirements to make it more difficult for cybercriminals to access user accounts. According to a recent report, an 18-character password using lowercase letters would take two million years to crack. Meanwhile, using the right technology, a seven-character complex password could be cracked in nearly 30 seconds. This disparity proves the importance of longer passwords or even passphrases to enhance account security.

    In addition to hardening passwords, implement multi-factor authentication (MFA) to verify a user’s identity and prevent unauthorized account access. With MFA, a user must provide a third piece of information to access their account in addition to their username and password. Additionally, MFA for privileged account access within an institution’s environment is a regulatory and cyber insurance requirement.

Boost Your Cyber Defenses

The more layers of security your bank embraces to prevent, detect and remediate threats, the lower the likelihood a cyberattack will devastate your operations or reputation. To learn more about current threats in the financial services landscape and strategies to boost your bank’s defenses, go to www.csiweb.com.

Sean Martin is director of Product Strategy, CSI Business Solutions Group for Managed Services. He has worked to establish cybersecurity programs for financial institutions for over 15 years. Since 2001, Sean has served as Network and Security Operations Manager, as Product Manager, and in various engineering roles. In his current role, Sean identifies and implements solutions designed to maximize security and profitability for financial institutions. Sean regularly speaks on various financial technology issues, ranging from managed services to IT security best practices.