Bank Cybersecurity Trends: Insights and Strategies for Financial Institutions
Explore the evolving landscape of banking cybersecurity with a focus on technology advancements and the impacts of recent events like the COVID-19 pandemic and the SolarWinds breach. Learn about key areas such as remote worker security, cloud migration, and the importance of assuming a proactive cybersecurity stance. Presented by industry expert Chris Bedel, this comprehensive guide sheds light on crucial cybersecurity issues facing banks and credit unions today.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Bank Cybersecurity: Looking Back to Look Forward Independent Bankers Association of New York State | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
The Problem The banking industry is changing faster than it ever has before. The heart of that change is technology (and cybersecurity) | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
What We Will Cover Looking Back COVID-19 Digital Adoption Solar Winds Breach Looking Forward Securing Remote Workers Cloud Migration Assume You re Hacked Zero Trust Vendor Guidance Make Cybersecurity a Business Enabler | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
About the Presenter Chris Bedel, CISM Purdue University studied Business & MIS 8 years as ISO at a community bank Bedel Security Founded in 2015 Focused on Virtual CISO offering Exclusively work with Banks and Credit Unions Clients ranging in size from $70MM in assets up to $5 Billion | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Looking Back: COVID-19 Pandemic Planning Remote Workers Fueled customer need and desire for digital interactions | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Looking Back: Digital Adoption Fintech Digital Channels Cryptocurrency https://www.bedelsecurity.com/lp-surviving-the-post- pandemic-landscape | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Looking Back: SolarWinds Breach Supply Chain Attack Feared by Security Experts This changes who and what we can trust https://www.bedelsecurity.com/blog/solarwinds-5- points-to-communicate-to-your-board | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Remote Access Unsanctioned devices Employee owned devices Capacity limitations MFA DLP? Print capabilities | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Remote Access A webroot study showed a 40% increase during COVID- 19 in unsecured remote desktop protocol (RDP) machines for remote working. How long into the future will we experience data breaches because of actions taken in a 60 day window in 2020? | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
#1 Risk for Remote Access #1 Area of remote access risk of those organizations we assessed is at the endpoint | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Remote Access Risk Assessment Covers 4 primary connection methods With inherent risk pre-calculated based on a regulated environment https://www.bedelsecurity.com/lp-remoteriskassessment | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Cloud Migration Pros Always up (almost) Accessible from anywhere Almost impervious to ransomware Inexpensive Logging and access controls Cons No perimeter Susceptible to Social Engineering Another Vendor | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Cloud Migration Recommendations MFA All logging turned on Partner with an expert | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Assume Youre Hacked Routine Internal Pen Testing Segment Funds Transfer Egress monitoring and filtering Protect admin accounts MFA Logging Incident Response Planning | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Zero Trust Forrester coined the phrase Zero Trust in 2009, defining it as an: Evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources Another way of thinking about Zero Trust is: Moving cybersecurity defenses from the perimeter of a network to each individual system, making the location of users, assets, or data irrelevant. | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Zero Trust You probably already have some defenses in place that reinforce zero trust: Multifactor Authentication Mobile Device Management (MDM) Conditional Access Threat Detection Solutions Least Privilege Access Encryption Etc . But there is no single product that you can buy that implements zero trust! | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Zero Trust Free Webinar When it's happening: Friday, April 7, 2021 2:00-3:00pm ET Who's it for: Bank & Credit Union Management and Executives Who's Presenting: Our vCISO Senior Advisor and VP CTO, Brian Petzold To register go to: https://www.bedelsecurity.com/zero-trust-webinar | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Vendor Guidance Even the best vendor management programs couldn t prevent the SolarWinds incident BUT We should all expect updated FFIEC Guidance on managing vendors and service providers. | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Business Enablers IT and Cybersecurity must become business-enablers | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Business Enablers At what cost does information security begin to lose its value? | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Business Enablers A Business-enabler: Knows that security is not for the sake of security Understands the business and its objectives Asks why security is important to the business Is a problem solver Is a risk manager Can communicate in business language | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
In Closing We re only getting started Technology will continue increase in importance in banking Drive innovation and build cybersecurity program to match | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
Thank you Contact Info: chris@bedelsecurity.com 833-297-7681 x700 or connect with me on LinkedIn https://www.bedelsecurity.com/free-resources | www.bedelsecurity.com | (833) 297-7681 | support@bedelsecurity.com
