If cyber hackers are going to target anything, it might as well be the proverbial jugular – money.
With Covid catapulting us all into the future almost overnight in terms of e-commerce sales, mobile purchases, digital wallets, and what remarkably already appears to be a world on the cusp of a cashless society (when was the last time YOU took out cash?), e-commerce consumers and companies both understand the critical need for cybersecurity best practices.
As a result, Fintech-focused cybersecurity investment is booming. But, aside from the obvious reasons for safeguarding transactions, there’s also another huge and sometimes overlooked vulnerability – remote working.
In a recent article in Fintech Magazine, several experts expressed their thoughts and insights on cybersecurity and how it affects the entire world of finance from organizations to consumers.
Among the experts were:
David Emm, Principal Security Researcher at Kaspersky; Ian Benson, Partner at PwC and UK Financial Services Cyber Security team lead; Corey Hamilton, Financial Services Sector Partner at IBM Global Security Services; Limor Kessem, Global Executive Security Advisor at IBM Security; Kara Hill, Corporate CIO at FIS and Chair of the American Transaction Processors Coalition (ATPC) Cyber Council; and Norma Krayem, VP and Chair of Cybersecurity, Privacy & Digital Innovation at Van Scoyoc Associates, as well as Director of ATPC’s Cyber Council.
Here’s a quick summary of the main insights and topics they touched upon:
The financial sector suffered a major crisis in 2020, mainly because it served as a raft in rocky waters that nations clung to for assistance and relief funds. As demands increased during the peak of Covid, the sector had to move its workforce out of offices and branches and into the home at the drop of a hat, relying heavily on cloud infrastructure for continued work processes. As a result, digitization and demand for contactless services peaked, and the way we work and consume services was forever changed.
With the move to remote working environments, cloud adoption proved vital, but with its many security and resilience benefits also came heavy risks. Today, the onus is on organizations to prevent those risks by correctly configuring their cloud environments with built-in security measures. As ransomware attacks continue to grow and organizations continue to support more flexible working practices beyond the pandemic, security teams must ensure they replace any temporary pandemic solutions with more permanent ones.
Threat modeling and information sharing
It’s no secret that banks and cryptocurrency exchanges are particularly susceptible to cyber-attacks, mainly due to the large volumes of cash and assets that both process and hold. Criminals always follow the money. As information sharing across fintech firms continues to be vital, so too does threat intelligence and modelling in order for such institutions to continue to work together and anticipate and plan for new techniques that may be used against them in the future.
For banks to minimize their attack surface area, especially with their large IT estates, they should have a good understanding of their underlying infrastructure; clear visibility of assets and an ability to manage them effectively and consistently are key foundations for good cybersecurity.
Cryptocurrency exchanges should aim to perform detailed threat modelling against their main business processes, especially around transfer and withdrawal processing. A good strategy is to make sure they do not store more funds than necessary in hot wallets, as well as make it difficult for attackers to infiltrate and approve transactions, even if they are able to acquire a high level of privileged access.
The goal for companies should be to continually simplify users’ access while more securely adopting web, mobile, IoT and cloud technologies.
You only have to look at the mass-extortion campaign launched in 2020 against more than 100 financial-services companies across the world to understand the gravity of such attacks.
So, what can be done? In a nutshell – strong cybersecurity hygiene.
Companies need to strike a balance between usability and security via risk-based access, single sign-on, integrated access management control, identity federation and mobile multi-factor authentication.
Many organizations have new devices coming into their environment, but when was the last time they conducted a vulnerability assessment? Has the organization reevaluated its patch management policies? Is there an accurate inventory of assets? Have escalated permissions been reviewed across the organization? These are all important questions to be asked and ones that are often overlooked.
With all new digital innovations there are risks that must be managed together; we no longer live in a world that can or should separate innovation from managing risk, because they are mirror images of each other. Cybersecurity is a systemic risk that will have to be addressed head-on so that the benefits of a cashless society (i.e., greater financial inclusion) can be enjoyed.
Automation and futureproofing
Automation, for example, helps standardize protections and focus on machine-speed solutions across a wider swath of the network. At the same time, the industry must also focus on not just the tools that exist now, but the new ones that need to be created, too. Attackers can learn quickly how to get around the existing tools and use technology to create new backdoors.
The SolarWinds attack is an example of an attacker methodically learning which tools and systems were used to protect networks and then using those same structures against the US government and the private sector. Cybersecurity is an enterprise risk management issue; it must constantly change and adapt to the threat environment.
Poorly tuned security platforms, instead of focusing on the highest risk and greatest ROI, are often geared towards ‘low hanging fruit’ or quick wins that are of lower concern.
IBM, for example, introduced a Cloud Pak for Security (CP4S) as many of their customers have a vast array of tools and technologies already deployed. However, they lacked a single pane of glass that covers threat intelligence, event monitoring, and automation across today’s on-premises, hybrid cloud, and multi-cloud environments.
Rather than focus on a single technology, organizations need to design and implement systems that are inherently resilient and secure within their own operating environment. Additionally, they should also consider how tech changes can alter their risk profile.
Automation and orchestration undoubtedly help increase the speed and repeatability of response, but it’s important that we don’t forget the ‘hard basics’ like access control, active directory hygiene, security patching and configuration, and asset management.
Let’s talk about trust…
Improved and continuous user authentication could certainly help with some of Fintech’s most pressing security issues. Today, identity providers and Multi-Factor Authentication (MFA) providers have improved the authentication process, but integrating MFA into corporate applications and services is complex, especially for non-web and thick/fat applications, which are not naturally compatible with MFA.
A ZTNA solution that incorporates MFA could solve this problem. Such a solution would enable customers to easily integrate and deploy a centralized MFA solution (Synchronic MFA, Push messaging, Biometric, instant messaging, REST API, etc.) and identity awareness for all corporate applications, both web and non-web.
Safe-T’s ZTNA solution, ZoneZero, is the first-ever solution to fully integrate ZTNA and MFA concepts for internal network users.
Due to its unique parameters, with ZoneZero, organizations reap all the benefits of ZTNA and MFA with zero disruption to existing infrastructures and no loss of initial investment.
ZoneZero provides identity-based segmentation and MFA for any and every internal application for secure access control, non-web protocols, and legacy infrastructure. With ZoneZero, organizations can easily integrate MFA and continuous identity verification for all applications.
The ZoneZero advantage
With ZoneZero for internal users, every request from any user/application to every application invokes an MFA action. For example, once a push notification is sent to the accessing user or IT administrator for an access attempt, ZoneZero prevents access to the resource until the MFA responds.
Cybersecurity as a ‘universal culture’ in every business
In summary, it’s important to understand that every single person plays a role in securing the enterprise, regardless of whether they hold a security role or not. No other sector is more data-rich, digitized, or more targeted by cybercriminals than the financial sector. Collaboration and coming together as a unit can mitigate risks in a very big way.
On the one hand, some of the well-established financial institutions are well-versed in the threats facing this sector. Yet, on the other hand, there are many new financial organizations that have neither the experience nor the expertise in securing their systems. In addition, for obvious reasons, business continuity may be prioritized over security, especially if the organization has so far not faced major incidents.
A sign of a mature organization from a security perspective is not when the CISO is invited to IT strategy meetings, but when they are included as a standing attendee at business strategy meetings and committees at the request of executive committee members. Currently, in many organizations, we are not even at the stage where the former happens consistently.
Another interesting driver of cybersecurity investment over the past year has been the need for more effective and customer-centric access controls. Financial institutions recognize the necessity of an exceptional client experience with regard to customer retention.
As a result, organizations are beginning to rethink their cumbersome identity management processes. This drives investment in fintech offering innovative access management solutions, including biometrics and behavioral analytics. In some jurisdictions, like Europe, the focus on Know Your Customer (KYC) and Customer Due Diligence (CDD) is widening to include advanced data management, analytics, and interpretation to drive more efficient regulatory compliance procedures and address cybersecurity issues.
In short – if financial institutions or banks want to secure their organizations, employees, and both existing and future customers against potential cyber-attacks and massive losses in a remote working environment, strong cybersecurity hygiene must be regarded as an urgent and vital universal culture.
About Safe-T® Group Ltd.
Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data, while ensuring uninterrupted business continuity. Safe-T’s cloud and on-premises solutions ensure that an organization’s access use cases, whether into the organization or from the organization out to the internet, are secured according to the “validate first, access later” philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.
Safe-T’s wide range of access solutions reduce organizations’ attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.
With Safe-T’s patented reverse-access technology and proprietary routing technology, organizations of all sizes and types can secure their data, services and networks against internal and external threats.