Security breaches and cyber resilience
When it comes to cybersecurity, one thing is almost certain: Don’t expect your firm to stop 100 percent of security breaches 100 percent of the time. As a financial institution, that means, in addition to increasing the sophistication of your barriers, you should also increase your resilience—your ability to bounce back from an attack or other security event and resume normal operations quickly.
The importance of resilience is one insight from a recent research report from Accenture and HfS Research, The Services Research Company™: “The State of Cybersecurity and Digital Trust 2016.” The study underscored that cybersecurity today should include a rethinking of the nature of security, and a shift from an approach that stresses protecting vulnerable assets to one based on strengthening those assets, making them more resilient as part of a holistic cybersecurity process that delivers greater value to the enterprise.
In this blog series we’ll be exploring the concept of cyber resilience in the financial services industry—including some current capability gaps that are undermining resilience, and how firms can overcome those gaps with a proven methodology.
Today’s cyber threats
Accenture’s State of Cybersecurity and Digital Trust 2016 report details the major security threats and concerns among today’s financial services firms.
- Theft or corruption of data by both corporate insiders and external entities is widespread, according to the study. Among financial services firms surveyed, 73 percent have experienced theft by insiders and 55 percent have experienced data loss from external actors. And 82 percent of firms expect to suffer from external threats in the next 18 months.
- The threat sources of most concern to surveyed security professionals in the financial services industry are (1) current and former employees; (2) external “hacktivists” with political agendas; (3) state-sponsored professionals targeting critical infrastructure and promoting cyber-terrorism; and (4) state-sponsored professionals targeting economic/IP theft (corporate espionage).
- Brand reputation and customer support are rated the most vulnerable business goals, with 75 percent and 72 percent (respectively) of financial services respondents listing data security as critically important to supporting those efforts. Sixty-nine percent of financial respondents also said data security is important for business expansion—i.e., developing new products and services.
- In every security category listed, large percentages of financial services respondents felt some level of improvement is needed, including:
  - Threat and vulnerability assessments (82 percent say improvement is needed)
  - Device security (73 percent)
  - Controls to restrict the flow or storage of data by geographic region (70 percent)
  - Security as part of overall business planning (70 percent)
Cyber attacks are not an “if” but a “when and how.” The threats are too frequent and too varied. Attackers are nimble and adapt quickly. They require little capital investment and resources to devise and mount their attacks. Many criminals are already inside a company and breaches are close to inevitable.
Traditional preventive measures can slow attackers down but not ultimately stop them. That means that firms should think differently. In addition to improving their traditional preventive measures, they also should make themselves cyber resilient.