People want their financial services to be secure. From banks to brokers, the handing of money can be a sensitive issue, and as the world continues to move across the digital landscape, there is only going to be an increase in the number of threats than can compromise funds and account information.
But not only are the people who trust these organizations concerned with their potential practices – the government is, too. Regulators are pushing for banks to become more invested in cyber risk management, threat intelligence, incident response and resilience, vendor management and governance.
“The financial services sector is facing high-impact, high-likelihood threats that will require better risk management,” said supervisory financial analyst for the Federal Reserve Board of Governors Chris Olson. “We need to integrate cyber risk management into business processes as a business-as-usual activity. Regulators want to see evidence that vendor risk is managed over the life of the contract, that threat intelligence is used to inform risk assessments, and, of course, that appropriate governance processes exist.”
Financial institutions have to have the right assets in order to protect against modern threats to security. This may involve making the right investments in proper software that is capable of disarming malicious programs or preventing them from entering the network outright.
Heartbleed and Target send wake-up calls
The news never seems to be short on stories dealing with security breaches these days. The biggest two in recent memory – the hacking of Target POS systems and the discovery of the Heartbleed loophole – have pushed more attention on the protection of networks to defend financial information, and there is no bigger advocate for change than the government itself.
“These two unrelated recent events have virtually transformed the information security landscape overnight, and banks around the world are rushing to assess the impact,” wrote Attivio contributor Peter Thompson. “And not far behind, or perhaps in many cases ahead of the banks, are the governmental agencies. The difference here is that this is not just your run-of-the-mill warnings, press releases, or regulatory notices from your usual alphabet soup of bank regulators, as they are not necessarily the last word in regulations for cybersecurity or data protection but a whole different class of characters.”
In order to stay on guard and secure, banks should invest in anti-virus and anti-executable software like the kinds available from Faronics. Malware and spyware can be easily rooted out and deleted, while a list of approved applications keeps malicious software from even being activated in the first place.