The CommunityBanker 12 that may alert you to meaningful suspicious activity. Technology like anti-virus tools provides a basic level of monitoring but doesn’t offer the same protections as advanced solutions. Endpoints often have fewer safeguards than servers or other larger equipment, making them a popular target for cybercriminals. Endpoint detection and response (EDR) monitors specific endpoints for anomalies and blocks the spread of malware. Security and Event Management as a Service (SIEMaaS) is another powerful solution that collects and holistically reviews logs from devices throughout your technology environment, such as firewalls, antivirus solutions and endpoints. With a holistic view, you can monitor and resolve incidents occurring within your network. Regulators are even beginning to implement requirements associated with visibility to ensure comprehensive monitoring of the entire network. 4. Limit Privileges and Segment Access In addition to comprehensive monitoring, limit the number of employees with access to sensitive data by appropriately assigning and monitoring security rights and privileges. Institutions should review existing privilege controls for all users and ensure the level of access is appropriate. Allowing employees to access only the data and systems necessary to execute their day-to-day tasks will limit the actions cyber criminals can take if they gain access to the system. Segmenting access and restricting scope help mitigate the effects of malware should an attack occur. 5. Require Strong Passwords and Multi-Factor Authentication Your bank should implement strong password requirements to make it more difficult for cybercriminals to access user accounts. According to a recent report, an 18-character password using lowercase letters would take two million years to crack. Meanwhile, using the right technology, a seven-character complex password could be cracked in nearly 30 seconds. This disparity proves the importance of longer passwords or even passphrases to enhance account security. In addition to hardening passwords, implement multi-factor authentication (MFA) to verify a user’s identity and prevent unauthorized account access. With MFA, a user must provide a third piece of information to access their account in addition to their username and password. Additionally, MFA for privileged account access within an institution’s environment is a regulatory and cyber insurance requirement. Boost Your Cyber Defenses The more layers of security your bank embraces to prevent, detect and remediate threats, the lower the likelihood a cyberattack will devastate your operations or reputation. To learn more about current threats in the financial services landscape and strategies to boost your bank’s defenses, go to www.csiweb.com. Sean Martin is director of Product Strategy, CSI Business Solutions Group for Managed Services. He has worked to establish cybersecurity programs for financial institutions for over 15 years. Previously, Sean has served as Network and Security Operations Manager, Product Manager, and various engineering roles since 2001. In his role, Sean identifies and implements solutions designed to maximize security and profitability for financial institutions. Sean regularly speaks on various financial technology issues, ranging from managed services to IT security best practices. Continued from page 11
RkJQdWJsaXNoZXIy MTU2Mjk4Mw==