Financial services institutions are now wading through the latest wave of operational changes that focus on customer centricity and streamlined core operations: digital transformation (DX). At a high level, DX can involve shifts in technologies and practices ranging from new third-party fintech interfaces and APIs, to changes in account opening and maintenance, to open banking and insurance, for commercial and retail customers alike.
Coincident with this digital transformation and openness, financial services organizations are recognizing a growing need for an integrated “cybersecurity transformation” that exhibits cyber resilience and addresses the increased cybersecurity risks that naturally accompany any major transformation. As Maria Allen states in the article “Opening Up to Open Banking” in the June BAI 2019 Banking’s Digital Transformation whitepaper:
“Security stands as a huge concern, as open banking significantly expands the risks of unauthorized access, cyberattacks, data breaches and fraud. Banks must endeavor to understand the security protocols of the third parties they do business with and ensure that their customers’ data is secure throughout a product’s lifecycle, both while in motion and at rest.”
Beyond industry regulations, best practices and standards frameworks suggest that highly targeted industries like financial services develop a comprehensive cybersecurity policy and incident response plan based on guiding, auditing principles. For example, the National Institute of Standards and Technology (NIST) Cybersecurity Framework defines five Core Functions: Identify, Protect, Detect, Respond, and Recover. Using these frameworks, organizations can properly isolate and protect key core functional systems (servers, storage, applications, and data) and institute accountability and processes to handle the modifications needed for the future.
Several software-based risk mitigation solutions exist to help meet these standards, some enhanced by artificial intelligence and machine learning. These include, but are not limited to: Threat Modelling, Intrusion Prevention and Detection Systems (IPS & IDS), Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), Multi-Factor Authentication, and Security Information and Event Management (SIEM). These software-configured solutions focus on the authentication and monitoring of access to production systems, faux production “honeypots”, or offline, data-at-rest repositories, such as cyber recovery data vaults, or sandboxes used to analyze, identify and report indicators of compromise.
However, there are also hardware-based solutions, such as data diodes, that can truly transform the cybersecurity of networks to meet the demands of increasingly open and exposed financial networks. When integrated with an incident response plan that includes cyber recovery, data diodes can keep a network segment or an isolated “dark-site” compute or data enclave absolutely secure, without threat of exploit, while still allowing files, network and performance diagnostics, and email to traverse where needed. In particular, the data recovery/cyber recovery data vault methodologies are a perfect fit for Owl’s data diode solutions and will be covered in some depth in a later post.
How are you meeting the cybersecurity demands of digital transformation?