Why IT security teams and employees need to work together to secure finance organizations

Why IT security teams and employees need to work together to secure finance organizations

Financial institutions stand the best chance of achieving cyber hygiene if they make it their mission to teach their workforce about important cybersecurity behaviors. David Sajoto, Vice President of Sales for Asia Pacific and Japan, ExtraHop, explains the important of cyber hygiene for finance organizations.

Major data breaches are more than blips and nuisances. Often, such incidents cause damage and disruptions that are difficult to recover from, operationally and economically.
In the Singapore Cyber Landscape 2019 report, the Cybersecurity Agency noted a rise in cyberthreats targeted at various local industries, including e-commerce, banking and finance. These cyberthreats included common malicious activities such as website defacements, phishing incidents and malware infections.
As Singapore opens up to more technology players, including e-wallet services and cryptocurrency firms, the Monetary Authority of Singapore (MAS) announced new cyber hygiene rules in 2019 for financial institutions. This is in preparation for greater governance and transparency as Singapore prepares to issue digital bank licenses to non-bank players in 2020.

Back to basics: Cyber hygiene

Cyber hygiene is a familiar term but do users and security teams really understand how paying attention to the basics, secures the enterprise?
The term cyber hygiene was coined about a decade ago to describe two things:

  1. The practices users should follow when online, to reduce the likelihood of systems being compromised or corrupted by hackers, cybercriminals and accidental data breaches.
  2. The regular security processes enterprises should implement to keep their ICT infrastructure secure.

The aforementioned are critical to achieving a robust cybersecurity posture and presents an accessible way to think about what may be pressing issues.
However, a notable challenge is getting employees in financial institutions to think in the same way and reinforce their commitment to safer cyber practices. As part of raising awareness, it would be helpful to spell out exactly what rigorous cyber hygiene consists of, rather than merely providing employees with a list of dos and don’ts.
The SAFET-Y acronym represents a simple way to quantify the vulnerabilities they face.

Typically, they encompass five key areas:

• Storage and device hygiene
• Authentication and prevention hygiene
• Facebook and social media hygiene
• Email and messaging
• Transmission hygiene

Additionally, institutions should provide employees with examples pertaining to real-life work situations, specific to each area of vulnerability identified above. Then, identify the systems to use, that will increase the likelihood of them following rules and incorporating good cyber hygiene into their modus operandi.

Testing employees’ awareness, knowledge and technical capabilities – and their current utilization of those capabilities – can help enterprises determine where resources would be best focused, to mitigate the collective risk.

How Machine Learning and Artificial Intelligence can help

To fight against cyberattacks, Machine Learning (ML), allows for augmented analytics to help security staff decide what to investigate, detect low-and-slow attacks that defenses have missed and gain enough time to explore serious problems.
Crucially, Machine Learning allows finance organizations to recognize fraudulent behaviors, to look out for post-breach behaviors and indicators of compromise. The attack surface is enormous, and there are a million ways that organizations can be breached. Machine Learning behavioral tools can help to detect these suspicious behaviors so that organizations are always one or two clicks away from being able to determine if something requires an incident-response scenario.
Meanwhile, for IT security teams, good network hygiene is about staying on top of the basics. This means eliminating the use of weak cyphers, expired and self-signed certificates, and putting patching protocols in place so vulnerabilities are addressed immediately, not in the weeks and months after detection.

Getting employees thinking harder about cyber-risks

Ease of use and significance are two factors that determine the uptake of cyber hygiene practices. That is why the focus should be on getting user buy-in and user compliance.

Financial institutions stand the best chance of achieving cyber hygiene if they make it their mission to teach their workforce about important cybersecurity behaviors, why they matter and the implications for themselves and the business if these practices are not rigorously adhered to.

Finance organizations that neglect raising awareness may find themselves in a situation equivalent to that of a café owner ordering their employees to wear gloves without explaining the rationale, only to observe them blithely moving from food prep to bin duty and back again, while wearing the same pair of latex.

Protecting the enterprise by empowering employees

While cyber hygiene is an accessible term for users, it is not necessarily helpful unless employers explain its importance and get employees to take ownership of their behavior when handling sensitive financial data, applications and other resources.

Raising awareness of cyberthreats and the cascade of consequences following an incident can aid in understanding the necessity of security measures and increase willingness to work together to reduce risks to the enterprise.