SEI: Remote Work Amplifies the Need for a Strategic Cybersecurity Plan
This article originally appeared on BAI
As cybersecurity threats multiply and evolve in the era of remote work, comprehensive cyber and risk management plans have become absolutely essential. Banks face increasing disruption to their businesses, ever-rising IT costs, and a wider-than-ever technological surface area, creating more and more security vulnerabilities.
That dynamic, paired with sophisticated cybercriminals capable of operating at scale and an evolving cyber regulatory landscape, make it imperative that banks utilize security solutions that effectively protect their customer data from rising cybersecurity threats.
While many banks are aware of this issue and its gravity, they remain vexed by the prospect of trying to address their needs with limited people and resources. Given these crosscurrents, it’s critical to dispel three myths that give rise to ineffective cybersecurity strategies and underscore the importance of “Defense in Depth” for full infrastructure visibility, cyber-threat detection, and incident response and remediation.
Myth #1: Cost
Banks often shortchange their cybersecurity needs under the mistaken assumption that they won’t be a target for hackers because of their size, profile or existing cybersecurity posture. But the pace at which bad actors operate and their ability to do so at scale means it’s never a matter of if an attack may come— it’s a matter of when.
Considering reputation and customers’ trust are the cornerstones of a bank’s ability to conduct business, a breach can be cataclysmic. A successful attack can be expensive with upfront remediation costs, a potential ransom and a full-service cybersecurity incident response team to address the vulnerability, remove the bad actor, determine what material may have been accessed, and prevent the issue from being exploited again.
Even more costly is a breach’s ability to sow customer distrust and anxiety about the safety of their personal information and assets. The upfront cost of developing an effective cybersecurity posture comes at a significant discount to the likely cost of a downstream breach.
Myth #2: Compliance equals Protection
With an increasing regulatory focus on cybersecurity, a common misnomer is that compliance means protection. Though compliance with regulations is essential, meeting the bare minimum regulatory standards does not adequately protect from the ever-evolving attack vectors leveraged by an increasingly sophisticated group of bad actors.
For banks who manage especially valuable customer data and money, a comprehensive cyber posture should go beyond what is mandated in industry regulations.
Myth #3: IT equals Cybersecurity
Banks’ internal IT teams, which are typically understaffed and under-supported, are often shoehorned into running their cybersecurity strategy. With cost limitations, they’re often compelled to create and maintain their cybersecurity strategy absent sufficient technology, expertise and threat intelligence.
Bank IT and bank cybersecurity are certainly related, but each has distinct responsibilities. Likewise, many traditional cyber vendors provide only partial solutions that don’t provide adequate protection. Tasking an internal IT team with managing both can lead to crucial mistakes and create security risks in the process.
Banks have implemented security measures to take remote work into account, but attackers have adapted to the changes. These organizations must not only detect and react to security threats, but also work to ensure a Defense in Depth mindset to cybersecurity.
Defense in Depth is a structuring of IT security that attempts to slow or stop any given attack with multiple mechanisms across different attack vectors. While not every mechanism will protect against a cyberattack, this layered resiliency allows banks to slow the attack while alerting the information security team of the intrusion.
It’s also important to have a centralized cybersecurity platform and threat matrix, which aggregates and refines data from all vectors into actionable intelligence. This component allows the security team the ability to access information and better prioritize a focus on the threat actors themselves.
The benefits help create a seawall specific to an organization’s infrastructure. Leadership can utilize seawall data as a proof point in an effort to increase their information security team’s resources needed for successful protection from threats.
With deeply sophisticated bad actors operating at scale, banks are encountering dangerous cybersecurity risks every day. Many of these risks are amplified by both COVID-driven remote work, as well as insufficient internal practices and protections. It’s essential that banks embrace a “Defense in Depth” approach to cybersecurity that encompasses full infrastructure visibility, cyber threat detection and response to incident remediation. Armed with that approach and the security it provides, banks can be more confident that their data, assets and reputation are as protected as possible in the current environment.
Steve Bomberger is head of SEI IT Services.