Protecting your bank against cyberattacks (Part 3 of 3)

With data breaches making more headlines, security remains top-of-mind for financial institutions. Despite robust security controls, banks can still be vulnerable to threats. 

According to the most recent Verizon Data Breach Report reviewing over 5,000 breaches, the top three threats were:

  1. Social Engineering

  2. Basic Web Application Attacks

  3. System Intrusion

Previously, Tony highlighted social engineering breaches and basic web application attacks

The final type of breach, system intrusion, is a broad title that essentially means an attacker gains access to a computer system they should not have access to. This is caused by two primary methods:

  • Misconfiguration – Not configuring the correct settings when installing the computer system.

  • Malware – The execution of malicious code that opens a back door and provides system access to the attacker.

Because this attack has two primary causes, we’ll review both mitigations. 

  • Golden Image: A term that defines a standard approved system build before it’s used in production. Ideally, the system is designed on paper before it’s built digitally. All the settings are reviewed and written out. And then this premediated design is used to build the production system.

  • Many people think that the best control to prevent malware is an endpoint protection agent (previously called anti-virus). And although a good endpoint protection agent can go a long way, the best solution starts before that. It starts with:

    • A secure hardened build (Golden Image)

    • Patch management: a process to update all the software patches on a regular basis.

    • Vulnerability management: a process to scan and identify vulnerabilities in your system that could lead to exploits.

    • Identity and access management: ensuring that only people that need access to the system have access, and even the access they have is provisioned by ‘least-privilege,’ meaning they don’t have permissions to the system beyond what their role function requires.

By reviewing and implementing a cybersecurity program that addresses these top three causes of breaches by hackers, you can greatly improve your risk posture and prevent hackers from stealing your data and compromising your clients’ data. 

Many people think that the best control to prevent malware is an endpoint protection agent (previously called anti-virus). And although a good endpoint protection agent can go a long way, the best solution starts before that.
— Tony Asher, Asher Security

About Asher Security

We protect your critical information assets by securing your data, detecting malicious attempts, and preventing the compromise of confidentiality, availability, and integrity of crown jewels at the core of your business. More at ashersecurity.com.

About Micah Group

Micah is the intelligent lending platform for fast, efficient credit decisions. From application to approval, it turns a weeks-long process into days or minutes. Micah automates spreading and credit memos, so lenders can spend more time on customer experience and analysis. More at micah-group.com.

Previous
Previous

How to prepare for the technology productivity boom

Next
Next

Protecting your bank against cyberattacks (Part 2 of 3)