NO TIME TO REACT: TAKING BACK CONTROL OF CYBERSECURITY

Stephen Roostan, VP EMEA, Kenna Security

 

The COVID-19 pandemic forced organisations around the globe to pivot their digital capabilities at scale. Overnight, businesses had to shift to remote workforce models and focus their efforts on transacting with clients primarily through digital channels.

In the wake of this rapid and disruptive shift, the number of cyberattacks on financial companies began to surge. According to a recent Investors’ Chronicle report, between January and June 2020 the finance, insurance and credit sector reported at least 122 cybersecurity incidents to the UK regulator under the General Data Protection Regulation. This represents a rise of 54% compared with the same period in the previous year.

 

Changing the rules of engagement

When the global health crisis first took the world by surprise, many firms were caught off guard and had to play catch-up as they adjusted their operations to cope with the new normal. Yet finance organisations demonstrated a remarkable capacity to evolve at pace. Indeed, research from McKinsey reveals how, over the course of the pandemic, technology uptake accelerated by seven years.

However, this flurry of technology adoption introduced a raft of additional vulnerability challenges for security teams within financial institutions to deal with. As a consequence, keeping the organisation secure now feels increasingly like a high-speed game of whack-a-mole.

With resources stretched to the hilt, IT and security teams need to find new and better ways to work together, adopting a smarter, more collaborative, and more proactive approach to the joint management of cybersecurity risk.

 

Time to reflect and rethink strategies

The finance and banking sector has long been a prime target for cybercriminals. But the introduction of remote working models in the wake of the pandemic has opened up new opportunities that cybercriminals have been quick to seize upon. This has created a critical shift in the vulnerability management landscape that security teams are now battling to respond to.

Trying to fix the growing tidal wave of vulnerabilities is proving an uphill task. Constantly in reactive mode, security and IT teams are caught between the proverbial rock and a hard place. Faced with cyber threats that evolve by the day, the old ways of handling vulnerability management mean everyone is running just to keep up, or engaged in endless discussions about which vulnerabilities to remediate, and when.

When it comes to defending against cyber threats, the best way to minimise risk is to measure, prioritise, and remediate what leaves you most vulnerable. By taking a more proactive and risk-based approach to vulnerability management, security teams can shift into the driving seat, gain the upper hand and optimise how and where they deploy their resources.

 

Prioritising the risks that matter the most

Addressing the realities of today’s fast-evolving threat landscape requires a change of direction where vulnerability management practices are concerned. Adopting a risk-based vulnerability management (RBVM) approach will make it easier to predict threats and prioritise fixes. This opens the way for security teams to work faster and more efficiently, reducing organisational risk exposure in a much more informed way.

Today’s data-driven RBVM platforms combine real-world external threat intelligence with advanced predictive modelling to accurately forecast the weaponisation of new vulnerabilities. By combining this intelligence with data gathered from an organisation’s own internal stack (everything from vulnerability scanners to SCA security testing tools and configuration management databases), security and IT teams are able to truly understand the probability of a specific exploit impacting the organisation’s unique operational environment.

Armed with these real-time insights, security and IT teams can at last stop blindly chasing down the latest high-profile vulnerabilities. Instead, they can focus their joint efforts only on those that pose the greatest threat to the business.

 

A shared language that boosts collaboration

As well as generating evidence-based guidance that makes it easy to identify what actions and measures need to be taken, today’s RBVM platforms establish a common language for security and IT teams to evaluate and quantify the organisation’s risk posture.

Generating risk scores for instances of each vulnerability in the organisation’s IT environment, including the potential number of assets likely to be impacted, is just the start. Detailed holistic reports and benchmarks make it much easier for security and IT teams to agree on which vulnerabilities are critical and evaluate the best remediation approach to take.

When everyone is able to talk the same language and has access to the same data-driven evidence, miscommunication about what constitutes a high-risk vulnerability is eliminated, and security and IT teams can align their efforts to work much more effectively.

 

Getting – and staying – ahead of attackers

Focusing on the 2%-5% of vulnerabilities that are shown to pose the most risk to an organisation’s infrastructure and assets is the key to achieving better, more efficient remediation and lowering the overall organisational threat profile.

Today’s financial services organisations need to gain the upper hand over attackers. Modern RBVM platforms give financial services firms the contextual insights, combined with real-time threat intelligence and analysis, to get more proactive about how they address vulnerability management – cutting through the clutter to keep priorities aligned.

 
