The FFIEC recently added the “Strengthening the Resilience of Outsourced Technology Services” appendix to its Business Continuity Planning IT Booklet, which details for the first time ways financial institutions (FIs) can increase their cyber-resilience as it relates to technology service providers (TSPs).
Among the four key elements of business continuity planning that FIs should address are practices for preparing for, responding to, and recovering from disruptions caused by the following likely cyber threats:
Malware
Malware, or malicious software, is a computer program or piece of software code designed to disrupt the normal operation of a computer, server, or network. This cyber-attack is serious for FIs and TSPs because it can steal information, damage files, install unwanted programs, and even cause unauthorized transactions. One of the suggested ways to mitigate this risk is to provide employees with security awareness training.
Preparis customers have access to our entire Knowledge Center which contains educational resources such as training courses and checklists to improve employee understanding of malware and other cyber threats. Contact us if you would like to know more.
Insider Threats
Insider threats typically come from disgruntled employees seeking revenge, or from someone who takes a job with the intention of deliberately carrying out a cyber-attack against the FI. The best ways for FIs to reduce the risk of insider threats are frequent employee screening and segregation of duties.
Data or Systems Destruction and Corruption
Data or systems destruction and corruption are the result of operational incidents that disrupt or severely limit access to the network and computing resources of an institution. Operational incidents can be hardware-related, software-related, caused by accidental or intentional human factors, or a combination of these.
The impact on the information integrity of an institution can be severe; therefore, it is important to have controls in place that prevent destruction and corruption. Suggested practices include data replication and implementing an “air gap,” in which a computer, system, or network is physically separated from other computers, systems, or networks. For these controls to be effective, a vulnerability test should also be performed on the backup systems at FIs and TSPs. Preparis offers this test and others as part of a complete information security solution.
Communications Infrastructure Disruption
Cyber-attacks can also disrupt communications by exploiting the institution’s or TSP’s infrastructure. These types of attacks, like distributed denial of service (DDoS) attacks, can overload the system to deny access by users. FIs should consider likely scenarios and plan for alternate communications infrastructure, if possible.
Simultaneous Attacks on Financial Institutions and TSPs
When it comes to cyber-attacks, geographic location no longer matters. A financial institution and its technology service providers can therefore be attacked simultaneously even when they are far apart. Because of this risk, it is important that FIs and TSPs work together on planning their response and recovery practices.
For a better understanding of how cybersecurity relates to your financial institution, including what you must do to be compliant, click on the following links to view our cybersecurity webinars, hosted by world-renowned cybersecurity expert Kevin Beaver.