PUB. 11 2021-2022 Issue 2

July • August 2021

leveraged a customer’s account to request a $1,000,000 wire transfer. With the compromised institution’s email address and an understanding of the approval process, the attacker successfully circumvented the process and wired the amount requested.

While traditional tactics of phishing and malware are still the most common cyberattack methods, the next wave of cybercriminals can quickly pivot to other, more technical methods to exploit vulnerabilities and disarm defenses. The result can be total business disruption.

So, what’s the best defense? An evolving cyber resilience strategy allows you to mitigate the threats of a cyberattack and enhance your ability to respond to and recover from an attack.

Cyber resilience allows you to adapt to a changing cyber threat environment

Cyber resilience goes beyond preventing or responding to a breach – it’s your ability to operate during, adapt to, and recover from a cyberattack (the word “resilience” is the key here). If your organization has a high level of cyber resilience, a cyberattack is much less likely to hamper your business operations – you’ll be able to protect your data, reduce the impact of business disruption, and prevent devastating revenue loss.

We’ve entered a new digital era – institutional leaders and regulatory agencies need to continue to evolve their idea of effective cybersecurity beyond defense and reaction. By continuing to evolve, these organizations will be able to anticipate attacks, have stronger mechanisms in place to identify them, and not only recover technologies more effectively and efficiently but also continue business during an incident or disaster.

Step 1: Identify your most critical information and assets.
The evolution of cloud-based solutions, including the Internet of Things (IoT), remote workforces, and vendor integration into organizations’ processes and systems, means that organizations must be smarter and more diligent about securing customer information as well as how critical data assets are shared and consumed.

A critical data asset is data that would cause significant damage to your revenue, reputation, and ability to run day-to-day operations if lost, stolen, or threatened. There’s a misconception that all data needs to be protected equally, but consider this: What data would be most valuable to a cybercriminal?

You can identify critical assets using cyber risk assessments and IT audits. Once your critical data assets are identified, and their value is measured, you can partner with an external expert to create a process that appropriately protects against fraud and breaches.

Examples of critical data assets include:
• Client confidential information
• Corporate financial data
• Sensitive/proprietary information
• Sensitive staff information & data
• Key business systems (in-house, outsourced, & hosted)
• Data custodians (internal & external)

Step 2: Align your cyber response and preparedness strategy to the current threat environment.

If you’re not keeping up with the latest methods to identify and prevent cybersecurity breaches, prepare to be attacked. Many organizations still rely on out-of-date security measures, like policies, procedures, and passwords that address decades-old threats. While it can seem like a difficult task to keep track of all possible cybersecurity threats, you should at least update your threat intelligence and vulnerability management strategies to address and stay current with today’s most common threats – ransomware, malware, unauthorized access to your email system, weak users, and loss of data or hardware.
Key actions to take to mitigate risk and respond to current cybersecurity threats:
• Identify current threats and act on intelligence.
• Prioritize cyber risks – you cannot defend against all possible risks, so order risks in terms of probability and impact.
• Focus less on specific technologies, since they are continually evolving, and more on security goals related to your overall strategic plan and mission.
• Ensure your people, processes, and technologies are all protected – cybersecurity is an organization-wide responsibility, not just a matter of an IT department’s efforts and processes.

Step 3: Develop and simulate cyber incident response strategies.

Next, your organization should have a tested program in place to respond to a cybersecurity incident. Without a formal plan, your customers, employees, IT systems, and even brand can be negatively impacted. Identify a cybersecurity incident response team that will activate when security breaches occur to mitigate their impact on your organization. Your incident response team should include representatives from all major
