Connect with us

Technology

WHY RANSOMWARE READINESS IN THE FINANCE SECTOR IS CRITICAL

Published

on

By Piers Wilson, Head of Product Management at Huntsman Security

 

Ransomware attacks have been making headlines recently. From AXA to CNA Financial, no part of the finance sector is impervious to the risks. For many organisations, initial worries focus on the logistics and the cost of a ransom, however, the wider damage and costs increasingly relate to rectification, revenue loss and reputational damage. Attacks, such as in the Kaseya case, have also shown the increasing risks that “trusted” service providers and 3rd party supply chain participants can bring – multiplier effects that can quickly  impact one million endpoints, with a ransom set at US$70m.

The network effect in the financial services sector benefits all stakeholders – from institutions to consumers. The increase in shared data and services, however, compounds the risks of successful cyber attacks. And, as we have seen with the impact of ransomware on pipelines and even food processors, the impact on organisations, and individuals, of being locked out of systems is huge. If customers cannot access funds or transact with service providers across the supply chain, anxiety and costs can escalate and commercial reputations quickly trashed.

 

An easy way out?

Businesses might have once seen the payment of a ransom as a potential ‘quick fix’ to the problem of ransomware attacks. This option, however, is now likely to become a thing of the past as bans on ransom payments are being contemplated in France and in the US by the SEC and OFAC. . In Australia, there are calls for mandatory notifications of ransom payments by ransomware victims.

Finance sector organisations also need to consider that even when ransoms are paid, the decryption process and returning to business as usual can be so slow that the ability to reinstate operations from their own internal backups and security safeguards can be achieved in the same time. As the scale of attacks and disruption of those impacted by supply chain ransomware attacks escalates, the message is increasingly that time is of the essence. If you can’t trust the decryption key from an attacker, then you are best advised to invest your time and effort in reconstructing, reconfiguring and securing your IT systems and services from the ground up so as to be confident in their integrity.

Despite the possibility that the payment of ransoms will become unlawful, cyber insurance will remain an effective tool for organisations to fund the process of getting back up and running quickly and reducing disruption. Insurers are demanding that prior to issuing a cyber policy, organisations must now show evidence of their having adequate cyber security controls in place. In fact, growing ransomware threats make it likely that insurance premiums will increase even further, so getting verifiable cyber risk management capabilities in place is likely to move even further up the list of board priorities.

 

A challenging environment

The financial sector also faces some other more particular challenges. Many financial institutions hold vast amounts of personal data, whether on accounts, transactions, users or reports. Complicating this is open banking legislation, like PSD2 in the UK/EU and CDR in Australia, which requires that the process of customer approved sharing of their personal data, is easy and accessible. These rights for consumers to have their personal information held and transmitted between financial sector participants will necessarily redistribute the responsibilities for cyber security in the sector and as a result, increase the levels of cyber security risk during this period of adjustment to a changing environment.

The financial services sector is already – and indeed, always has been – an attractive target for criminals at all levels. The requirement that customers have greater control over access to their data adds the requirement for whole new level of ransomware readiness. Organisations could face anything from disgruntled employees, to fraud, to criminal ransomware attacks seeking to enable the wholesale theft of personal data. The stakes couldn’t be higher; so what can the sector do to protect itself?

 

Preparing for ransomware attacks

Putting in place anti-virus software and network defences – alongside the rise of endpoint detection and response – can certainly help manage attacks. But these solutions rely on detecting malicious activity in the first place. What if your endpoint or network solution misses the attack, without warning? Do you have visibility into what’s happening? Are there other controls in place that can mitigate the threat? Are they monitored and managed as part of an IT risk management program?

More attention must be given to preventing or at least limiting successful ransomware attacks before they do serious damage.  Getting the basic cyber security controls in place and working to protect recognised threat vectors, really pays dividends as these are precisely the weaknesses that ransomware attackers are likely to exploit.

There are three areas to focus on. The first two are the prevention of any initial infection and containment or limitation of the spread if one does occur. These strategies need to be coupled to a third, recovery, which ensures systems and data can be restored and an incident can be successfully managed. The core principles of effective risk management apply – identify and triage the risks and manage them accordingly.

There are some key safeguards organisations can adopt to support each of these elements:

 

Prevention

  • Application control – ensuring only approved software can run on a computer system, securing systems by limiting what they can execute.
  • Application patching – applications must be regularly updated to prevent intruders using known vulnerabilities in software.
  • Macro security – checking that macro and document settings are correctly configured and to prevent the activation of malicious code.
  • Harden user applications and browsers – use effective security policies to limit user access to active content and web code.
  • Firewalls/perimeter – and even physical on-site security – limit user access outbound and remote connections inbound.
  • Staff awareness – while not a technical control, building a “cyber culture” and a better understanding by staff of cyber security, the threats and mitigation strategies that can minimise cyber attacks, is vital.

 

Containment

  • Restrict administrative privileges – limit admin privileges by allowing only those staff needing to access systems to do so, and then solely for specified purposes and within controlled access.
  • Operating system patching – fully patched operating systems will significantly reduce the likelihood of malware or ransomware spreading across the network from system to system.
  • Multi-factor authentication – used to manage user access to highly sensitivity accounts and systems (including remote users).
  • Endpoint protection – install anti-virus software and keep it updated.

 

Recovery

  • Regular backups – secure data and system backups off-site and test your recovery processes.
  • Incident response – in planning for a worst case scenario make sure everyone is well versed in the incident management playbook.

 

Gaining assurance in controls

Businesses must make sure they are monitoring their security controls to ensure that they are working effectively. If one control is ineffective, the IT teams need to know quickly to mitigate any shortcomings and reinstate an adequate cyber posture. A “cyber security culture” that ensures these risks are a board level issue will improve overall corporate ransomware preparedness.

The board should receive reports that provide clear visibility of these controls, and leverage these KPIs as part of their cyber security risk management process. They can be used as part of a continuous cyber security improvement program. Being able to monitor readiness and assess the risk of attack provides early warning defence and confirmation that cyber security risk management processes are in hand.

 

Summary

The financial services sector faces many challenges when it comes to putting in place comprehensive cyber security risk management practices. If a bank or insurer was affected by a significant ransomware attack, the wider implications on the economy could be significant. Recent fuel shortages resulting from the Colonial Pipeline incident gave us a glimpse of the resulting widespread public panic and concern. It was reminiscent of the run on Northern Rock bank branches in the UK in 2007, at the start of the financial crisis. It doesn’t take much to imagine the level of public panic that would ensue if a massive ransomware attack locked consumers out from accessing their funds.

Organisations in the sector must have comprehensive cyber defences and controls, backed up by regular monitoring to make sure they are working effectively, and ensure that if one control fails to identify or prevent an attack, other complementary controls are operational and able to limit its impact.

That way the risk of a successful attack can be minimised, and organisations can maintain effective IT governance to better prevent costly disruption to their systems, operations and reputations.

 

Business

TAKE THE NO-CODE LEAP TO DIGITAL INNOVATION WITH A FUSION TEAM

Published

on

By

Chris Obdam, CEO, Betty Blocks

 

In the last couple of years, a new sector has emerged alongside enterprise financial organisations—an ecosystem of fast-growing Fintech startups that develop innovative solutions for the banking sector. These small, flexible startups and scale-ups began filling a gap the ‘big boys’ left quite some time ago. Then, they gained even more ground during the pandemic. According to KPMG, Fintech investments worldwide amounted to $98 billion USD in the first half of 2021, compared to $121.5 billion over the whole of 2020[1].

 

The massive surge has financial regulatory bodies scrambling to balance the benefits of modernising the industry with the necessity of strong oversight. But, what if traditional financial enterprises could combine their durability, reliability and years of experience with the flexibility of a startup? They can! More and more enterprise organisations are becoming agile, empowering digital-savvy colleagues and improving competitive value.

 

Fusion teams

Their approach? They break through patterns and almost literally through walls in their organisation. The most successful organisations team up with genuine problem solvers. It’s a solution-oriented approach, which can be really successful if governed the right way. We like to call it a fusion team, a team that empowers digitally-skilled and solution-oriented employees to work side-by-side with the IT department while using a low-code and no-code development platform.

 

Citizen development

A fusion team brings together people with diverse professional backgrounds who use data and technology to achieve shared business outcomes. Ideally, a fusion team combines pro-developers with citizen developers. A citizen developer is a business person without coding experience that builds apps using a no-code or low-code platform.

The purpose of the professional developer, in a fusion team, is not to train the citizen developer to become a pro-developer but to bring guidance and governance to the project. Before building successful software, a fusion team will require knowledge and guidance through the software development life cycle (SDLC) phases. IT feedback is crucial to helping a fusion team understand what makes good software and how new platforms can (or cannot) integrate into an existing system. Citizen developers should receive coaching to make decisions that lead to architecturally sound, value-adding applications.

 

What are the challenges that a fusion team can tackle?

  • Modernisation of legacy systems. Many banks have been around for years, expanded their software, but regularly have to deal with legacy systems or even a vendor lock-in.
  • Regulations can change fast; that’s why financial organisations need to increase flexibility and improve adaptability. A flexible layer on top of core systems or legacy systems can profit the whole organisation.
  • Counter shadow IT. Thousands of employees means that a lot of solutions are single handedly-built. All these solutions can be beneficial for the employees and even for your customers, but the thing is that they are not checked and governed by IT. For example, you run the risk that they are not meeting all your security requirements.
  • Digitisation of processes, like the onboarding process for customers, is still a long paper process within financials. What if this could be 100% digital and automated? This could save you a lot of repetitive work, energy and money.

 

Create an environment for innovation

Banks tend to have difficulties setting up the right conditions to empower the workforce to innovate towards the future. Our first reaction to possible security risks is to impose more rules and restrictions, while the solution lies in a coaching attitude, independent of strict regulations. You can empower digital transformation by using a no-code or low-code platform.

A fusion approach encourages better software governance, allowing IT to help mitigate the risks of shadow IT projects. With a no-code or low-code platform, you can combine existing secure systems, extract data more efficiently, effectively communicate and convey between systems and thus better manage qualitative information. Governance is not a simple process or a task to check off and forget about; the essential governance feature for low-code or no-code development is a platform provider with the flexibility to adapt to specific needs of an enterprise. The provider should be a partner in expanding the role of citizen developers within the organisation.

Taking the leap into no-code software development with a fusion team will empower the entire organisation in digital transformation. It’s a strategic move that helps enterprises become more resilient against unexpected challenges – such as a pandemic or new consumer demands. Furthermore, you create a modern and innovative working environment with digitally-capable and engaged employees.

 

[1] Source: KPMG:

https://home.kpmg/nl/en/home/media/press-releases/2021/09/record-fintech-investeringen-in-eerste-helft-2021.html

 

Continue Reading

Business

IDENTITY SECURITY IN THE ERA OF SOX

Published

on

By

By Steve Bradford, Senior Vice President, EMEA, SailPoint

 

The Sarbanes-Oxley Act (SOX) is a federal law that mandates practices in auditing and financial regulations for public companies. Its original intent being to restore trust in a corporate and financial system that had been rocked by major accounting scandals such as Enron, WorldCon and Tyco. Legislators believed if there was no trust in the major corporate institutions of America, then the whole fabric of capitalism could be brought into question.

Initially only applying to American companies, every major institution that dealt with America had to comply with SOX. It was a huge a success with the number of financial scandals emanating from the US dropping dramatically since compliance. But can The UK follow suit?

 

Preparing for “SOX UK”

The UK has had its own high profile business collapses – notably BHS and Carillion. So, the government has launched a consultation programme that mimics the US SOX rules. The consultation on reforms aims to ‘restore trust in audit and corporate governance’ and applies to auditors, companies, directors, audit committees, investors, other stakeholders, and the regulator.

A focus is on companies with a significant public interest, otherwise known as Public Interest Entities (PIEs). These include financial institutions, banks, insurance companies, underwriters, and alike – many of which are already familiar with a high degree of financial scrutiny. A noteworthy difference is the stated preference to expand the UK SOX controls beyond public interest companies, which could include large companies in retail, manufacturing, logistics and automotive.

UK SOX may seem like a massive undertaking if unfamiliar, but with the right technologies in place manual tasks can become automated, reducing time which can be then redirected to greater priorities or risks, and everyday operations will be guided by a strong set of well-defined controls.

 

A growing threat

The Sarbanes-Oxley Compliance 9-Step checklist provides a series of recommendations to protect the validity of all reported information and help businesses to ensure they are following the rules. This includes the need to establish controls to prevent data tampering, track data access, test the effectiveness of safeguards and detect security breaches – any of which need to be reported to SOX auditors on time.

As both physical and digital information are affected, accurate management is an integral part of compliance. Remote working, blockchain integration, and the emergence of cloud-based banking (Banking as a Service) have led to growing cyber threats, privacy concerns and compliance requirements through the complexities of connectivity.  For example,  multiple devices now connect to networks from different locations, accessing the vast amount of information in the cloud. There is now critical need to close security gaps outside the perimeter.

Some of the greatest threats lie within an organisation – either human error or more likely, the rise in risk facing the access today’s workforce has to technology. Complex corporate structures and departmental silos hinder management’s visibility into workforce roles, responsibilities, and data access. Traditional reliance on spreadsheets and manual processes for tracking data access and user identities leads to inaccuracies and inconsistencies.

Apart from being an auditing and reporting nightmare, the situation creates system gaps that are ripe for exploitation by threat actors.

 

Maintaining security through identity

To meet security and compliance regulations, companies and organisations must act smarter in how they protect their “perimeter”, which is centred on its people – the new threat vector of choice. Companies must prepare to automate business processes and embrace new security practices that fully protect the workforce and the tools they need to  do their job.

Staying in compliance with regulation is important for the safety of the company, but it is crucial that the right safety measures are in place. Identity access management can reduce the risk of insider threat, data breaches and human error for financial reporting – enabling automated logging and report generation for companies to make smart decisions whilst uncovering and remediating hidden or unknown issues that pose inherent risk.

 

The countdown to SOX

One commodity companies don’t have is an abundance of time. With less than 18 months to go until the SOX recommendations deadline, any form of automated access system is an essential first step in ensuring companies are prepared. Starting early is critical – given an implementation programme can take 18-24 months for a company that is used to stringent financial regulations. It’s time to get identity and access compliance right – automation can save a significant amount of effort and money, whilst improving the accuracy of identity management processes.

As seen in the US, UK companies not used to financial compliance procedures will have to catch up or ask for help – learning from the financial sector – and scale up their auditing and control to comply with more stringent regulations. The rules are there to help provide the security that regulators need for a secure commercial environment. Now is the time to act in order to reduce the risk.

 

Continue Reading

Magazine

Trending

Business35 mins ago

IS SCARCITY OF TALENT THREATENING THE UK’S FINTECH CROWN?

To be attributed to Rafa Plantier, Head of UK and Ireland at Tink   From the Square Mile to Canary...

SET YOUR BUSINESS UP FOR SALES SUCCESS IN A POST-PANDEMIC WORLD SET YOUR BUSINESS UP FOR SALES SUCCESS IN A POST-PANDEMIC WORLD
Business2 days ago

SET YOUR BUSINESS UP FOR SALES SUCCESS IN A POST-PANDEMIC WORLD

Dean Fiveash, Head of FinTech Sales, IFX Without doubt the Coronavirus pandemic impacted every aspect of our lives and fundamentally...

THE EVOLVING TECHNOLOGY NEEDS OF THE FINANCE DEPARTMENT THE EVOLVING TECHNOLOGY NEEDS OF THE FINANCE DEPARTMENT
Business2 days ago

THE EVOLVING TECHNOLOGY NEEDS OF THE FINANCE DEPARTMENT

Jennifer Sims, Senior Consultant at Xledger   The world of finance software is evolving quickly, but with many new software...

HOW RETURNS ABUSE AFFECTS RETAILERS HOW RETURNS ABUSE AFFECTS RETAILERS
Business2 days ago

HOW RETURNS ABUSE AFFECTS RETAILERS

By Aaron Begner, EMEA GM at Forter   Accompanying the significant growth in ecommerce over the past 12 months, is the...

TINTRA PLC FINALISES JOINT VENTURE WITH ARTIFICIAL INTELLIGENCE PARTNER TINTRA PLC FINALISES JOINT VENTURE WITH ARTIFICIAL INTELLIGENCE PARTNER
News2 days ago

TINTRA PLC FINALISES JOINT VENTURE WITH ARTIFICIAL INTELLIGENCE PARTNER TO BUILD INDUSTRY CHANGING REGULATORY TECHNOLOGY

Innovative fintech company, Tintra PLC(https://tintra.com/), has formed a joint venture with award-winning Artificial Intelligence and Machine Learning business, TMC2, via...

CELLPOINT DIGITAL PARTNERS WITH VYNE TO ENABLE INSTANT OPEN BANKING PAYMENTS FOR MERCHANTS CELLPOINT DIGITAL PARTNERS WITH VYNE TO ENABLE INSTANT OPEN BANKING PAYMENTS FOR MERCHANTS
News2 days ago

CELLPOINT DIGITAL PARTNERS WITH VYNE TO ENABLE INSTANT OPEN BANKING PAYMENTS FOR MERCHANTS

The partnership will allow CellPoint Digital customers to incorporate Vyne into its payment ecosystem and access instant payments without a...

WHY A MULTI-ACQUIRER STRATEGY IS KEY TO GLOBAL GROWTH WHY A MULTI-ACQUIRER STRATEGY IS KEY TO GLOBAL GROWTH
Business5 days ago

WHY A MULTI-ACQUIRER STRATEGY IS KEY TO GLOBAL GROWTH

As online business grows exponentially, finally fulfilling the internet’s promise of a ‘global village’ in which anyone can buy and...

Business5 days ago

TAKE THE NO-CODE LEAP TO DIGITAL INNOVATION WITH A FUSION TEAM

Chris Obdam, CEO, Betty Blocks   In the last couple of years, a new sector has emerged alongside enterprise financial...

Finance5 days ago

HOW FINANCIAL ORGANIZATIONS CAN PROTECT THEIR DATA

Yuval Wollman, President, CyberProof and Chief Cyber Officer, UST   Top executives from Wall Street’s largest banks pinpointed cybersecurity as the...

Top 105 days ago

IF IT’S A LOSS, YOU’RE TOO LATE – WHY THE INSURANCE INDUSTRY NEEDS TO FOCUS ON FIRST NOTIFICATION OF RISK

Simon Dicks, Insurance Channel Manager EMEA, Lytx   Insuring commercial fleets can be an expensive business. Average repair costs have...

Business5 days ago

IDENTITY SECURITY IN THE ERA OF SOX

By Steve Bradford, Senior Vice President, EMEA, SailPoint   The Sarbanes-Oxley Act (SOX) is a federal law that mandates practices...

News5 days ago

EXPERIAN LAUNCHES VERIFICATION SERVICE TO SUPPORT FASTER, MORE ACCURATE LENDING DECISIONS

Work Report™ is the UK’s first service that automates the digital sharing of payroll information on behalf of the consumer...

News6 days ago

TENUREX AND ELUCIDATE PARTNER TO INCREASE FINANCIAL INCLUSION WORLDWIDE

TenureX and Elucidate have announced a strategic partnership with a mission to increase financial inclusion worldwide and tackle the laborious...

Banking6 days ago

WHY THE TIME IS NOW TO BANK BEYOND BORDERS

by Lili Metodieva, MD of Monneo   As our world becomes more interconnected, so too does the need for banking...

News6 days ago

PAYCAST PARTNERS WITH MARQETA AND MASTERCARD FOR NEW MARKETPLACE PAYMENT SOLUTION

Paycast will leverage Marqeta’s modern card issuing platform and the Mastercard network to empower marketplaces with payment solutions that help...

Finance1 week ago

HOW FS ORGANISATIONS CAN USE API-DRIVEN DATA AUTOMATION TO JOIN THE OPEN BANKING REVOLUTION

By Steve Barrett, Senior Vice President, International Operations at Delphix    Technology is rapidly transforming all industries across the world. However, for the...

Banking1 week ago

IT’S TIME FOR BANKS TO SIT THEIR CUSTOMERS DOWN AND TALK OPEN BANKING

Eugene Danilkis, CEO at Mambu   We are living in an experience economy, and banking is no different. Customers need...

Banking1 week ago

WILL CHALLENGER OR TRADITIONAL BANKS WIN THE SECURE CARD PAYMENTS BATTLE?

By Vince Graziani, CEO, IDEX Biometrics ASA   Challenger banks have shaken up the payment ecosystem in the last decade....

Banking1 week ago

TOP ITALIAN BANK ROLLS OUT FIRST OF ITS FULLY DIGITAL BRANCHES WITH AURIGA

Banca Carige Smart, the new intelligent branch model enabled by Auriga #NextGenBranch solutions , combines digitalisation with a human touch...

Banking1 week ago

HOW BANKS CAN PROTECT THEMSELVES AGAINST RANSOMWARE

Jay Ralph, Managed Cloud Global Sales Lead at SoftwareONE   We’ve seen a slew of high-profile ransomware attacks in 2021. From hackers...

Trending