2025 Pub. 4 Issue 2

INDEPENDENT REPORT | 21

Cyberattacks no longer affect just the target; they create ripple effects that harm partners, service providers and customers. In today's interconnected world a breach at one organization impacts many stakeholders. As data breaches continue to trend up, organizations are spending more on controls that prevent attacks without disrupting business. This escalating threat underscores the critical role of the information security officer (ISO) in adopting proactive security measures, and the ISO's leadership is vital in ensuring the organization takes every reasonable precaution to avoid becoming a victim. All organizations should consider the following topics in their 2025 information security (IS) program review.

1. RANSOMWARE AWARENESS

Ransomware remains a critical risk to organizations. The Ransomware Self-Assessment Tool 2.0 (R-SAT 2.0) has been updated to address evolving threats, attacker tactics and security controls. Completing it helps an organization identify control gaps, raise ransomware awareness across the business and give executive leadership the information needed for decisions on priorities and resource allocation. It also gives auditors, consultants and examiners a consistent basis for evaluating security practices, and it incorporates lessons learned from past ransomware incidents. A self-assessment is only as good as the evidence behind it: answer each question from tested controls and records (for example, documented backup restore tests and MFA coverage reports) rather than from policy documents alone. Overall, R-SAT is a valuable resource for strengthening cybersecurity posture and improving security practices.

2. BOARD CYBERSECURITY TRAINING

An organization's board of directors holds ultimate fiduciary responsibility for its security. Without a working grasp of cybersecurity, directors may make decisions that weaken defenses, misallocate budgets or fail to align the security strategy with business goals. A board that underestimates cybersecurity risk may fail to fund proactive measures that prevent breaches and may lack an effective crisis response plan, resulting in poor risk management. Cybersecurity is a shared responsibility that extends beyond a single person or committee. A consistent board training program builds the understanding needed to ask the right questions, fosters trust and reinforces the organization's commitment to protection.

3. FIREWALL REPORTING AND MONITORING

Approximately 60 to 75% of our customers outsource firewall management. While this relationship is trusted, the organization retains ultimate oversight responsibility. At a minimum, an organization should understand its own network baseline (which systems are exposed, which services are permitted and who is allowed to change the rules) so that it can ask the right questions and recognize key risk indicators.

Outsourcing firewall management introduces both risks and opportunities. Relying on a third party means depending on its expertise and responsiveness. A misconfigured firewall can expose internal systems, and limited visibility into the vendor's operations may hinder effective monitoring and data protection. To mitigate these risks, organizations should establish clear roles and expectations in written contracts, conduct periodic security audits of the vendor's practices as part of the vendor management program and limit administrative access to authorized personnel protected by strong authentication such as multifactor authentication (MFA). Oversight should include, at a minimum, receipt and review of traffic and rule-change logs or read-only access to the firewall, so that the organization can spot suspicious activity, reconcile every rule change against an approved change request and detect traffic that the baseline does not permit. Vendors should be integrated into the organization's incident response plan, with defined roles, communication channels and escalation procedures. Collaboration and transparency are key to ensuring firewall security and improving oversight and response capabilities.

4. MULTIFACTOR AUTHENTICATION

Attackers increasingly use malware and phishing to steal credentials, and stolen credentials are a common first step in ransomware intrusions. MFA is a key defense: by requiring two or more verification factors, it prevents a stolen password alone from granting access. It protects access to data centers, secures remote work and reduces the impact of credential theft. Organizations should enforce MFA for administrative access to directory services, backups, network infrastructure and endpoints, for remote employees and vendors, and for firewall management. Not all factors are equal: one-time codes and push approvals can be phished or fatigued into acceptance, so phishing-resistant factors such as FIDO2 security keys should be preferred for administrative accounts where possible.

Many cybersecurity insurance carriers now require self-attestation, including confirmation that MFA is enforced for remote and administrative users. Without adequate controls over administrative users, organizations risk unauthorized access, data breaches, financial loss, reputational damage, legal consequences and operational disruption.

5. VENDOR MANAGEMENT PROGRAM

Vendor management continues to evolve and requires diligent monitoring, especially of vendors deemed critical to operations. Adhering to FFIEC and interagency guidance ensures comprehensive
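The log review recommended under 3. FIREWALL REPORTING AND MONITORING can be made concrete. The script below is an added example and is not part of the original article or any vendor's tooling. It assumes a generic key=value syslog-style export (a constructed format, not a specific firewall product's) and a small constructed baseline of approved inbound services; it flags allowed inbound connections that fall outside that baseline, rule changes that do not match an approved change request, and sources generating denied attempts. A real vendor feed would need its own parser, but the review logic is the same.

```python
"""Added example (not from the original article): review outsourced-firewall
logs against the organization's approved network baseline.

Assumptions (constructed for illustration, not any vendor's real format):
  - each log line is '<ISO timestamp> key=value key=value ...'
  - traffic records carry action, dir, src, dst, dport, proto
  - configuration changes carry event=config_change, user, rule, change
"""
import re
from collections import Counter

# Constructed baseline: the only inbound services approved in change control.
BASELINE_ALLOWED_INBOUND = {
    ("10.0.1.10", 443),   # public web server
    ("10.0.1.20", 25),    # mail gateway
}

# Constructed sample log lines (addresses are documentation ranges).
SAMPLE_LOGS = """\
2025-03-03T08:01:12Z action=allow dir=inbound src=203.0.113.5 dst=10.0.1.10 dport=443 proto=tcp
2025-03-03T08:01:40Z action=allow dir=inbound src=198.51.100.7 dst=10.0.1.20 dport=25 proto=tcp
2025-03-03T08:02:05Z action=allow dir=inbound src=198.51.100.9 dst=10.0.1.30 dport=3389 proto=tcp
2025-03-03T08:03:17Z action=deny dir=inbound src=192.0.2.44 dst=10.0.1.10 dport=22 proto=tcp
2025-03-03T08:04:00Z event=config_change user=vendor-admin rule=allow-any-3389 change=add
2025-03-03T08:05:22Z action=allow dir=inbound src=198.51.100.9 dst=10.0.1.30 dport=3389 proto=tcp
"""

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Split '<timestamp> k=v k=v ...' into a dict; the timestamp is stored as 'ts'."""
    ts, _, rest = line.partition(" ")
    fields = dict(KV_RE.findall(rest))
    fields["ts"] = ts
    return fields


def review_firewall_logs(log_text, baseline_allowed_inbound, approved_changes=frozenset()):
    """Return (findings, deny_counts).

    findings:    list of (ts, category, detail) a reviewer must follow up on:
                 'outside_baseline'  - inbound traffic allowed to a service not in the baseline
                 'unapproved_change' - rule change with no matching approved change request
    deny_counts: Counter of source IPs with denied inbound attempts (useful for
                 spotting scanning or brute-force sources against exposed services)
    """
    findings = []
    deny_counts = Counter()
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        rec = parse_line(raw)

        # Every configuration change must reconcile to an approved change request.
        if rec.get("event") == "config_change":
            if rec.get("rule") not in approved_changes:
                findings.append((rec["ts"], "unapproved_change",
                                 f"{rec.get('user')} {rec.get('change')} rule {rec.get('rule')}"))
            continue

        if rec.get("dir") != "inbound":
            continue
        service = (rec.get("dst"), int(rec.get("dport", 0)))
        if rec.get("action") == "allow" and service not in baseline_allowed_inbound:
            # Traffic was permitted to a service the baseline does not allow:
            # either the baseline is stale or a rule was added without authorization.
            findings.append((rec["ts"], "outside_baseline",
                             f"{rec.get('src')} -> {service[0]}:{service[1]}/{rec.get('proto')}"))
        elif rec.get("action") == "deny":
            deny_counts[rec.get("src")] += 1
    return findings, deny_counts


if __name__ == "__main__":
    found, denies = review_firewall_logs(SAMPLE_LOGS, BASELINE_ALLOWED_INBOUND)
    for ts, category, detail in found:
        print(f"{ts} {category}: {detail}")
    print("denied inbound attempts by source:", dict(denies))
```

In the constructed sample the reviewer sees RDP (3389) reaching a host the baseline does not expose, then a vendor administrator adding an "allow-any-3389" rule with no approved change request behind it. Passing the approved change identifiers in `approved_changes` clears the change finding but not the traffic finding, which is the point: the baseline itself must be updated through the organization's own change control, not inferred from what the vendor configured.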
