Security

Financial Services Cyber Resilience and the New Normal

Share this post:

IBM Security, as a global leader of security services and software, has seen a unique change in the way organisations are facing the challenge of cyber resilience during the COVID-19 pandemic.

The societal, technological and employee challenges have come alongside increased pressures from regulatory bodies on firms to maintain “robust market surveillance” whilst unorthodox working arrangements are in place.

As a result, I have seen an increased interest from my clients in new controls to monitor their employees. These controls include the use of webcams to identify video recordings or pictures taken of screens and enhanced keystroke logging to highlight words or strings that may indicate suspicious or fraudulent behaviours.

This topic has caused debate and concern in the industry on balancing surveillance and employee privacy, especially as they are now home based.

Additionally, I have seen a re-calibration of existing monitoring and detection activities/capabilities to address the internal and external threats posed in the current climate. Below are some examples, linked to the NIST Cybersecurity Framework and based on my current experiences working with banks, insurers and financial service providers:

Identification

  • The detection of new applications or services (on premise or in the cloud) used to managed increased workloads of employees working remotely and the expansion of shadow IT.
  • Scrutinising all externally facing services and infrastructure through increased vulnerability scanning of publically facing IP addresses for any new vulnerabilities.
  • Reviewing existing SIEM and IDS/IPS deployment logic, use cases and rules, updating false-positive logic to reflect changes in new working patterns to reflect the new business as usual.

Protection

  • Enforcing stronger use of two-factor authentication for all remote access accounts, i.e. Office 365 or business critical/sensitive applications.
  • Capturing, analysing and monitoring data from logs, network flows and user behaviour data to identify anomalies and to ensure data loss prevention activities remain focused.

Detection

  • Enhanced monitoring of privileged users and how sensitive administration or business activities are performed i.e. large financial transaction systems such as SWIFT.
  • Increased monitoring of VPN activity – capturing and analysing logon anomalies, brute force attacks, credential stuffing or password spraying. In particular access attempts from unfamiliar geographies or duplicate admin/user sessions.
  • Heightened tracking of phishing campaigns relating to COVID-19 from organised criminals and nation states. The protective measures used include enhanced email gateway monitoring, detailed analysis of web proxy logs including keyword searching and enriched usage of third-party threat intelligence data.

Response

  • Recognition that both physical and virtual cyber crisis simulations must be a core component for all operational resilience activities.
  • The utilisation of Artificial Intelligence to engage quickly with customers as part of business continuity chatbot communications.

Recovery

  • Increased focus on validating the integrity of backups for legacy and critical systems whilst considering the use of alternative storage mechanisms i.e. offline storage, due to an increased risk of ransomware.
  • The use of Blockchain to bring together multiple data points and bring insights for leadership teams to respond to a crisis with confidence.

The takeaway for security leaders is to ensure the fundamental security activities are as strong and mature as possible. A focus on combined operational resilience requirements alongside cyber resilience activities is a business imperative and not an option. You can learn more about how IBM is helping our clients build resiliency through AI and automation during the current pandemic.

IBM Associate Partner in Security Strategy, Risk & Compliance

More Security stories
By Eileen O'Mahony on 12 November, 2024

Converting website traffic into happy customers with a smart virtual assistant

  With a long track record of guiding companies across various sectors through digital transformation, IBM Business Partner WM Promus is now focusing AI innovation. Eileen O’Mahony, General Manager at WM Promus, explains how her company helped a UK-based commercial finance brokerage enhance customer experience, and develop new sales leads using IBM watsonx and IBM […]

Continue reading

By Dr. Nicole Mather on 5 November, 2024

Reducing the time taken to write regulatory submissions – Introducing our Accelerator

The Case for Generative AI in Regulatory Acceleration Generative AI and automation are now enabling digital transformation across biopharma, allowing radical reshaping and automation of core processes – and focusing human effort where it is required. Companies embracing this approach across the whole organisation are deriving significant competitive advantage and transforming the way work is […]

Continue reading

By Mark Restall on 5 November, 2024

Impact on Data Governance with generative AI – Part Two

Many thanks to, Dr. Roushanak Rahmat, Hywel Evans, Joe Douglas, Dr. Nicole Mather and Russ Latham for their review feedback and contributions in this paper. This blog is a continuation of the earlier one describing Data Governance and how it operates today in many businesses. In this blog, we will see how Data Governance will […]

Continue reading