Australia’s banks and credit card companies are coming under increasing attack as cyber criminals come to understand the value of the data that these organisations create and retain. Indeed, financial data is among the most lucrative data types and can be used to access accounts, copy payment cards, and make fraudulent purchases.
However, while financial services institutions find themselves under attack more frequently than ever, it is still possible to remain at the forefront of the digitisation of the industry and maintain effective security.
Given the sensitivity of the data they manage, financial services firms need to have a mature security operation model in place. The model’s security maturity is measured using two variables: mean time to detect (MTTD) threats and mean time to respond (MTTR) to them.
A reduction of both MTTD and MTTR is crucial to ensuring cyber attacks are halted earlier in the threat life cycle, and is reliant on technological solutions that allow for the automation of workflows. This frees up time for security teams to focus their attention where it is most needed.
The role of senior management
A chain is only as strong as its weakest link, and it only takes one employee falling victim to a phishing email to compromise a business. For this reason, the chief information security officer (CISO) and their team by default lead the charge in ensuring security is front of mind for all employees.
The CISO also needs the support of the rest of the C-suite to fulfil their goals. At the board level, CISOs must ensure that executives are aware and fully understand the challenges security teams encounter day-to-day and the longer-term.
As a result, this therefore becomes a matter of communication rather than technology. One method of communicating security posture to the board is by focusing on the benefits and return on investment that can be achieved. Also, a CISO can furnish a high trust environment through partnering a member of the board with the security team.
This partner can then articulate perspective to the team from a purely business standpoint, allowing the team to produce intelligence to the board that exhibits the business value of the security operation centre’s (SOC) methods and goals. Taking such a collaborative approach will encourage the understanding security teams have for business goals and the board’s understanding. Interestingly, financial institutions in Singapore are required to have at least one board member with security experience.
The impact of rapid growth
One area of understanding that needs to be highlighted is the impact of business growth on security. Although rapid growth indicates a business is in robust health, it also facilitates multiple avenues through which it can come under cyber attack.
It should be remembered that cyber criminals keep a close eye on the financial services sector and know when an organisation has become a potentially more lucrative target. Events such as mergers and acquisitions can also present opportunities.
On a technology level, the networks and security systems of different companies may be in the process of being migrated and integrated and could be targeted. On a more human level, new staff, as yet unaware of the security protocols of the company they’re joining, can also be the focus of cyber criminals.
For this reason, it’s important then that security teams ensure each new employee is vetted, safely added to the system, and trained on appropriate security protocols. In the case of acquisitions, security teams must effectively monitor new structures that are added to the network, and third-party connections with whom they are not yet familiar.
Achieving a robust security culture across an organisation has never been more important than at present. With conditions within the finance sector evolving rapidly, being aware of threats and taking the steps required to mitigate them is among the highest of business priorities.
The outlook for Australia’s financial sector firms is bright and, with targeted investments and efforts, their IT security infrastructures will be well placed to support this ongoing growth.
Joanne Wong, VP international marketing (APAC and EMEA), LogRhythm
