As cybersecurity attacks on financial institutions continue to escalate, banks and other financial institutions must take proactive steps to protect themselves and their data. Here are three strategies you can use to prevent potential intrusions.
A 2020 report from the Federal Reserve Bank of New York (FRBNY) modeling the potential impact of a cyberattack on a single U.S. bank found troubling consequences that remain a major problem in today's rapidly evolving threat landscape. is predicted. This model estimates that his one-day attack on the top five US banks would affect his 38% of US financial institutions. Even worse, attacks against large banks and small and medium-sized banking groups result in an average loss of 60% of a bank's assets.
Since the report was published, the financial services sector has become one of the top five industries for cyber-attacks, and both banks and hackers have become more adept at leveraging technology to achieve their goals. 98% of financial institutions now use some form of cloud computing, up 7 points from 2020, and banks are investing heavily in artificial intelligence (AI). Meanwhile, hackers have successfully created his AI-built phishing schemes and effectively used edge devices for distributed denial of service (DDoS) attacks.
How can banks win this cybersecurity arms race and ensure resilience in the face of possible attacks? This can only be achieved through control.
Cooperation: Making information sharing a key defensive weapon
Financial sector organizations believe that an attack on one is an attack on all. Therefore, many financial institutions around the world are engaged in sharing intelligence on threats and vulnerabilities in order to protect the infrastructure of the entire financial system.
Their efforts are supported by frameworks and guidelines created to improve information sharing about cybersecurity incidents within the financial industry.For example, the Swiss-based Financial Stability Board Enable further integration of cyber incident reports Featuring 16 recommendations for collecting and sharing cybersecurity information between financial institutions. In the United States, the Securities and Exchange Commission's cybersecurity regulations require registrants to disclose cybersecurity incidents and steps taken to mitigate those incidents.
The call for greater transparency heralds a new era of cooperation between banks. Cross-border information sharing remains difficult in Asia, where geopolitical dynamics often impede regional data exchange, but in closed environments such as the European Union, the United States, and other countries. , it is becoming more common and easier. These sectors are leading the way in improving cybersecurity in the financial sector, and technology is playing a key role in that effort.
The Digital Operations Resilience Act (DORA) is a great example of a government mandate to put technology at the forefront of risk management. Although created specifically for the European financial sector, it serves as a great cybersecurity blueprint for financial services organizations in all countries, including the United States.
DORA cites “the existing high level of interconnectivity across financial institutions, financial markets, and financial market infrastructure” as a concern. Similar to the FRBNY report, it notes that localized cyber incidents can quickly spread throughout Europe's financial system.
According to the EU, one way to prevent this is to limit the damage by “implementing automated mechanisms to isolate affected information assets.” Financial organizations must be able to quickly and automatically identify the source of an attack, isolate and remediate it, stop its spread, and recover quickly.
Security administrators can work with developers to create automated protocols for detecting and preventing intrusions, building and maintaining enterprise firewalls, and more. For example, open source projects like Ansible's infrastructure-as-a-service platform provide easy-to-use, pre-built playbooks that allow teams to quickly create automated security tasks. With these tasks in place, financial institutions can significantly reduce the time it takes to discover and thwart potential intrusions and remain resilient after an attack.
Standardize: Integrate cloud controls to increase resiliency
DORA also cited a “potentially serious” risk to the financial services industry if the cloud service provider that hosts many banks were compromised. Indeed, the issue of cloud concentration risk, or the risk that a compromise of a single cloud service could result in potential disruption or data breaches for many organizations, is a real concern that needs to be addressed.
Again, the open source community is working with members of the financial community to address this issue by creating cloud security controls. In 2023, the Fintech Open Source Foundation (FINOS) announced a joint project to standardize controls for public cloud deployments in the financial sector. According to FINOS, the goal is to “develop a unified set of cybersecurity, resiliency, and compliance controls across major cloud service providers.” A number of financial institutions are participating in the project, including Citi, Morgan Stanley and Royal Bank of Canada.
The FINOS project is just one example of the open source community's efforts to improve the security and control of cloud deployments for all organizations, including financial institutions. This work stems from our community's unwavering commitment to transparency, information sharing, collaboration, and using cutting-edge tools to reduce risk.
It is no coincidence that these are the same ideals that the financial services industry also holds. After all, these are core principles that protect all organizations from growing cybersecurity risks and help financial institutions remain secure and resilient against current and future threats. This is the key.
