Stopping Cyber Tricksters at the Door
by Teri Wesley
In many parts of the country temperatures are dropping, the days are getting shorter, and Mother Nature is painting treetops with vibrant fall foliage colors. It’s also the time of year to be on the alert for black cats, wicked witches, ghoulish goblins, and evil spirits roaming the neighborhoods searching for treats and performing mischief (tricks) if no treat is given. Halloween and National Cyber Security Awareness Month (NCSAM) are both observed during the month of October – coincidence? I think not. The annual NCSAM campaign, sponsored by the Department of Homeland Security and National Cyber Security Alliance, is designed to promote awareness of the evil spirits lurking behind the anonymity of the Internet who prey on consumers and businesses and nefarious cyber thieves who trick users into giving up financial treats. While NCSAM is a good time to raise consumers awareness and train your staff, cyber pranksters aren’t limiting their activities to the holidays or specific seasons. Financial institutions must stay alert at all times and take defensive measures against the malicious tricks criminals devise to infiltrate networks and customers’ accounts in search of data goodies and monetary treats. According to security vendor Websense, financial services firms are hit by security incidents 300 times more frequently than businesses in other industries. That means that while the average American business is attacked 4 million times per year, a financial services firm in the U.S. is targeted a staggering 1 billion times per year. The Identity Theft Resource Center reports that of the record-setting 1,579 data breaches occurring in 2017, 8.5 percent involved the financial services sector. Added to the increased risks is the economic impact cyberattacks have on financial services firms versus other industries, which is reportedly $18 million per financial firm hit by a cyber event (vs. $12 million for firms across industries). In 2017 alone, banks lost $16.8 billion to cybercriminals, and attacks on global financial network SWIFT have resulted in losses of $1.8 billion year-to-date. In addition to the costs of cybercrime, financial firms also face regulatory fines, litigation, additional cybersecurity following the breach, negative media coverage, identity theft protection and credit monitoring services to customers affected by a breach in addition to revenue loss due to reputational damage.
In the U.S. alone, more than 260 million records were breached due to hacking over the last three years in the financial sector. The Ponemon Institute estimates that the average cost per stolen record in the U.S. was $141 in 2017. Applying the Ponemon estimates, losses due to data breach over the last three years would be around $38 billion for U.S. financial firms alone.
It’s no longer a matter of if, but when your institution will face a cyber incident. In today’s volatile threat environment, no organization or entity is immune from cyber attacks. Earlier this month, the government agency established to defend this country was unable to defend themselves against the sophisticated tricks cybercriminals deploy. The U.S. Department of Defense disclosed that hackers broke into the systems of a third-party vendor and stole the data — including credit card numbers — of a 30,000 of its 740,000 employees.
Just as frequently washing your hands can help prevent the flu, there are cyber hygience measures your institution can take to build a cyber defense that is comprehensive and resilient. Effective cyber hygiene involves implementing security controls and best practices that proactively protect and maintain IT systems and devices. Consider it the technological equivalent of locking your doors and windows. Some basic practices include:
- Keep operating systems and software patched with the latest updates as soon as they are released.
- Conduct thorough employee training and regular reviews of authentication and security controls.
- Perform cyber intrusion drills. To mitigate damage and speed the recovery process, prepare in advance for how your institution will respond in the event of a cyber incident, just as you do for other disasters.
- Manage third-party software and vendors. Major data breaches (including the Equifax hack) were caused by unpatched vulnerabilities found in third-party software.
- Manage endpoint configurations. For strong endpoint security, you need a complete and continuously updated inventory of all devices, including PCs, laptops, IoT devices, and peripherals., including detailed cataloging of their hardware specs, installed software, locations, users, vulnerabilities and configurations. Effectively monitoring your endpoint vulnerabilities is key to ensuring infrastructure security.
Deploying these best practices increases your institution’s ability to deal with the sophisticated threats that haunt today’s evolving and dangerous digital landscape, and will protect your institution (and assets) from cyber tricksters who will be around long after the ghosts of All Hallows’ Eve have disappeared.
Originally appeared in Bankers’ Hotline Vol. 28, No. 10, 10/18