Intelligent CISO Issue 13 | Page 44

Industry Unlocked

Gerald Beuchelt, CISO, LogMeIn

Banks and financial institutions are frequently targeted by cybercriminals. Gerald Beuchelt, CISO, LogMeIn, discusses the steps that those operating within this industry vertical can take to strengthen defences and step up enterprise security.

Cyberattacks are increasing at an alarming rate and in 2018 we witnessed breaches hit several trusted brands across various industries, including British Airways, Ticketmaster and, most recently, Facebook. However, the financial sector continues to be one of the most lucrative targets for criminals: UK banking customers lost £358 million to unauthorised fraud in the first half of this year. With the appeal of huge financial gain, along with access to a wealth of high-value personally identifiable information (PII), it is perhaps unsurprising that financial services firms are targeted more than any other sector.

Although the threat landscape is fast evolving and attackers' techniques are becoming increasingly sophisticated, passwords continue to play a major role in breaches: 81% of data breaches involve weak, reused or stolen credentials.

Bearing in mind the level of risk involved in banks and financial institutions, we could be forgiven for assuming that such organisations would be ahead of the game in their security practices. However, a recent study that scored businesses on password practices and multi-factor authentication (MFA) adoption found the industry performing below average. With poor security practices continuing to plague organisations, what steps can banks and financial institutions take to strengthen their defences?

Technology: Invest and evaluate

Breaches occur when attackers exploit vulnerabilities within a company's security architecture.
Cybercriminals, especially those motivated by the huge potential monetary rewards of attacks on financial institutions or FinTech companies, are constantly adapting and evolving their techniques, so the financial industry must continue to invest in technology to stay ahead and defend against emerging threats. Banks simply cannot afford to make assumptions about the effectiveness of their technological defences: just because something protected a business last year (or even last month) does not mean it will be sufficient today.

While risk assessments of critical systems should be a regular occurrence within financial institutions, organisations should also assess secondary systems that hold non-critical assets. Employees' personal activities and accounts, such as personal email or Facebook, are still potential gateways into the internal network, so authentication policies should be a main focus of these assessments. It is also important that organisations review roles and permissions to ensure employees have access only to the information they need to carry out their job. Implementing privileged access management (PAM) technology can help mitigate the risk of data falling into the wrong hands.