Stephen Scharf, DTCC: don't face the cyberthreat alone, collaborate!

Stephen Scharf, DTCC: don’t face the cyberthreat alone, collaborate!

Cyber risks have evolved significantly over the last couple of years across industry sectors. The financial services industry, in particular, has become the target of choice with malicious actors exploring every avenue they can in order to identify areas of vulnerability.

To respond to these growing threats, financial firms are significantly bolstering their defences with many investing in the latest cyber defence technology to stay one step ahead. In addition to this, cyber threat intelligence (CTI) sharing between organisations is on the increase to assist in a rapid response in the event of network infiltration.

Against this ever-evolving backdrop of new threats and new defences, this article highlights some of today’s major cyber themes.

Firstly, the ways in which malicious actors are choosing to attack their chosen targets are continuously evolving and technology has been a facilitator. By choosing to transfer more processes online, firms are providing cybercriminals with an increased number of entry points from which to exploit a firm’s vulnerabilities.

Additionally, just as victims of attacks are seeing the benefits of collaborating and sharing information, so too are the malicious actors. Gone are the days where specific and exclusive skill-sets were required to successfully undertake an attack – the trading of rudimentary knowledge online between malicious actors has significantly assisted in their efforts.

The third theme is the increasingly interconnected nature of financial markets. This interconnectedness can sometimes increase the risk of contagion should one entity be the subject of a cyberattack. Therefore, firms need to look very closely at the relationships they have with their clients, service providers and everyone in between to ensure they have strict security protocols in place to prevent any part of their IT infrastructure, valuable data and intellectual property from being compromised. Focusing solely on building a firm’s own cybersecurity defences is no longer a sufficient defence against cyberattacks. Failure to recognise the risks of interconnectedness could lead to reputational and financial damage.

The fourth theme is the way in which firms have been shifting attention from only protecting against a cyberattack to ensuring data recoverability in a timely manner. We have seen firms substantially strengthen their capabilities to “fail over” and recover data, implementing secondary systems to maintain operations in the event of a successful cyberattack.

And the industry is responding. Sheltered Harbour, led by the Financial Services Information Sharing and Analysis Centre (FS-ISAC) is an example of an industry-wide collaborative effort to help improve cyber resilience across the financial sector. Unveiled in 2016, it was designed to improve resiliency across the sector and provide enhanced protections for financial institutions’ customer accounts and data. By providing an additional layer of protection on top of the existing defences that many financial firms currently have or are in the process of implementing, Sheltered Harbour extends the industry’s capabilities to securely store and restore account data, should the need arise. DTCC has been involved in the project since its inception.

Complementary to this, firms are evolving their defence strategies using new techniques and tools as well as traditional methods. In fact, it is these traditional techniques that remain essential components of any security programme. These include strong identity and access management programmes, appropriate patch and vulnerability management and proper segmentation. As such, firms that opt for new solutions alone and under-invest in these core competencies will find their efforts counterproductive.

Finally, firms endeavouring to counter cyber risks should be reminded of the words of a renowned US Army General George S. Patton – “you fight like you train”. The importance of preparation by conducting regular exercises, where key personnel simulate cyber incidents and crisis response cannot be overstated, if firms expect to stay one step ahead. Working together with the industry to anticipate different risk scenarios is key and a collaborative response will always be more successful than facing the threat alone.

By Stephen Scharf, chief security officer, Depository Trust & Clearing Corporation (DTCC) 

This article is also featured in the October 2017 issue of the Banking Technology magazine. Click here to read the digital edition – it is free!

Banking Technology October 2017 banner