In a recent blog post, we discussed how digital attacks against banks, credit unions, and other financial institutions increased in the wake of the COVID-19 pandemic. We also noted that the cost of data breaches for those organizations increased during the same period. This raises the following question: how can organizations in the financial sector shore up their cybersecurity?
We answered that question by assembling 10 organizations, books, and podcast episodes that provide financial institutions with cybersecurity resources. You can learn more below.
NCU-ISAO
Created in 2016 at the Kennedy Space Center, the National Credit Union Information Sharing & Analysis Organization (NCU-ISAO) advances the mission of advancing cyber resilience at credit unions. It does this by seeking to supply credit unions with proactive threat intelligence of vulnerabilities, fraud campaigns, and attacks confronting their business. Additionally, credit union members of NCU-ISAO gain access to a global information-sharing network as well as tools, resources, and templates that they can use to raise their employees’ awareness and address emerging threats on a timely basis.
Financial Cybersecurity Risk Management
Published in 2018, “Financial Cybersecurity Risk Management: Leadership Perspectives and Guidance for Systems and Institutions” guides readers through the dynamic interconnections that make financial institutions susceptible to vulnerabilities and other digital threats. It then goes over risk assessment practices and governance perspectives that decision-makers and security professionals can use to respond to those risks. The book’s authors also include information that individuals can use to identify operational challenges to their organization’s cybersecurity programs and to take relevant regulatory standards into account.
FS-ISAC
The Financial Services Information Sharing and Analysis Center (FS-ISAC) is a global threat intelligence sharing community that serves financial institutions. With its headquarters in the United States as well as offices in the United Kingdom and Singapore, FS-ISAC provides member organizations with resources that they can use to advance their cybersecurity. Some of those resources take a regional focus, for instance, while others provide a cybersecurity overview for all members. Others still discuss how financial organizations can respond to certain developments such as the growing ransomware threat and changes introduced by COVID.
Cybersecurity and the CFO
In 2015, the Financial Executive Podcast used “Cybersecurity and the CFO” as the theme for one of its episodes. That edition features John Stark, former chief of the Internet Enforcement Division of Enforcement of the U.S. Securities and Exchange Commission (SEC) and president of John Reed Stark Consulting LLC. Stark discusses how chief financial officers (CFOs) and other financial executives can respond to news of a data breach at their organization, as noted by Financial Executives International (FEI).
SIFMA
The Securities Industry and Financial Markets Association (SIFMA) is a trade organization for broker-dealers, investment bankers, and asset managers. The organization has created several resources that SIFMA member firms can use to increase their cybersecurity. One resource includes best practices that organizations can use to create an effective program for mitigating the risks associated with insider threats. Other resources include guidance around hosting tabletop exercises and leveraging cyber insurance.
Cybersecurity: Threats to the Financial Sector
“Cybersecurity: Threats to the Financial Sector” replicates a hearing of the U.S. Subcommittee on Financial Institutions and Consumer Credit on September 14, 2011. The hearing discusses the types of vulnerabilities and technological advances that have enabled malicious actors to carry out attacks against financial institutions in the United States. It also emphasizes the importance of financial institutions sharing information with other organizations in the sector and with law enforcement agencies to bolster financial cybersecurity.
FDIC
Cybersecurity and Financial Stability
FFIEC
FinCEN
Where ITEGRITI Comes In
Not all financial institutions have the internal expertise to implement cybersecurity best practices and guidance. Fortunately, they don’t have to go it alone. They can work with ITEGRITI to build a stronger cybersecurity posture. Learn more here.