By Sid Yenamandra
If there were ever a time for wealth management firms to build additional resources into their upcoming annual cybersecurity budgets, it’s now.
Cyber-attacks continue to rise as attackers around the world grow bolder and more sophisticated, and although ransomware has been a common tactic for years, it has surged in recent months.
Consider, for example, the attack in May on the Colonial Pipeline, which led to the shutdown of the largest petroleum supply line in the country, or, at roughly the same time, the attack on JBS, the world’s largest meat processing company. Both cyber-attacks cost the victims dearly while affecting businesses, individuals and families across the country.
While these events from roughly four months ago may already feel like ancient history given the news cycles since, the reality is that ransomware operators drew confidence from these successes and are continuing to probe other industry sectors across America for their next victims.
Continued Remote Work Model Means More Potential Cyber-Risks
From a cybersecurity perspective, it doesn’t help that, even as the U.S. economy slowly emerges from the pandemic, workers continue to do their jobs remotely.
This means workers are performing their duties in a range of settings with varying degrees of cybersecurity measures.
Combine that with the fact that wealth management enterprises increasingly grant numerous third-party technology and other service providers access to confidential client data, and you have the makings of a perfect cybersecurity storm, one that could be devastating for the unprepared.
Chief Information Security Officers Should Invest in the Following Resources and Tools
Suffice it to say, the environment in which firms are doing business today has never been so rife with threats.
Here’s where each Chief Information Security Officer (CISO) should be putting their resources in the coming year to meet escalating cybersecurity risks.
- Cybersecurity training and education that is integrated with real-world-style testing
Cybersecurity is not simply about closing technological gaps that could be exploited to steal data. It is also about recognizing that the strength of any organization’s cyber defenses depends largely on the human element.
How likely, for example, are employees to click a link in an email that appears to come from a colleague asking for sensitive information but that, on closer inspection, shows the tell-tale signs of phishing? Attackers are generally less inclined to assault hardened defenses when they can get someone to let them in through the front door.
That’s why organizations should invest in a regimen of training and education that includes simulated phishing tests that are based on real-world scenarios.
There’s a common misconception among employees – even those whose roles touch on cybersecurity – that phishing will be easy to spot when it occurs. The reality is that there is no substitute for practice when it comes to identifying suspicious emails.
- Device hygiene
With the proliferation of mobile devices and tablets, employees are accessing their organizations’ networks from a wider range of devices than ever before, many of which the organization does not own.
Organizations should establish a zero-trust environment in which a device is not allowed to access data if it is found to have vulnerabilities that could compromise the network.
Companies should invest in the ability to scan, in real time, any device that seeks to access their network to determine its security posture, along with solutions that can automatically remediate the discovered vulnerabilities through critical security patching, backup integrity testing and operating system rollbacks.
- Network vulnerability testing
Taking a look at the actual number of connected devices on any network, beyond the desktops, laptops, phones and tablets workers ostensibly use for their work, is almost certain to be an eye-opener. It’s not uncommon for home or even some office networks to have Wi-Fi-enabled doorbells, thermostats, smart speakers, printers, cameras, security systems and streaming devices. The list goes on.
Each of these devices is a potential entry point. That’s why it’s crucial for organizations to invest in continuous monitoring, scanning for gaps and breakdowns in cybersecurity hygiene that could give attackers a backdoor onto a network and access to sensitive data.
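As an added illustration of the inventory gap described above (example code written for this page, not part of the original article or any Entreda product): the script below parses the output format of `ip neigh show` on Linux and compares every discovered MAC address against an approved-device inventory, reporting devices nobody has accounted for as well as inventory entries that were never seen on the wire. The neighbor table and the inventory are constructed sample data; in practice the inventory would come from an asset-management or MDM export and the neighbor table from the real command.

```python
"""Flag network neighbors that are not in the approved device inventory.

Added example, not from the original article. Parses `ip neigh show` output
and diffs the discovered link-layer addresses against an approved inventory,
so that the Wi-Fi doorbells and smart speakers the article mentions show up
as UNKNOWN instead of quietly sharing the network with client data.
All sample data below is constructed for illustration.
"""
import re
from dataclasses import dataclass

# Constructed sample of what `ip neigh show` might print on a small office
# network. FAILED entries carry no lladdr; the IPv6 line shows the same
# gateway reachable over a second address.
SAMPLE_NEIGH_OUTPUT = """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:01 REACHABLE
192.168.1.20 dev eth0 lladdr 00:11:22:33:44:20 STALE
192.168.1.21 dev eth0 lladdr 00:11:22:33:44:21 REACHABLE
192.168.1.77 dev eth0 lladdr aa:bb:cc:dd:ee:77 REACHABLE
192.168.1.88 dev eth0 lladdr AA:BB:CC:DD:EE:88 DELAY
192.168.1.99 dev eth0 FAILED
fe80::1 dev eth0 lladdr 00:11:22:33:44:01 router REACHABLE
"""

# Constructed approved inventory: MAC -> description. Real deployments pull
# this from the asset-management system or MDM.
APPROVED_INVENTORY = {
    "00:11:22:33:44:01": "office gateway",
    "00:11:22:33:44:20": "workstation-ops-01",
    "00:11:22:33:44:21": "workstation-ops-02",
    "00:11:22:33:44:30": "printer-2f",
}

# Matches "<addr> dev <iface> lladdr <mac> ..."; lines without lladdr do not match.
NEIGH_RE = re.compile(
    r"^(?P<addr>\S+)\s+dev\s+(?P<dev>\S+)\s+lladdr\s+(?P<mac>[0-9a-fA-F:]{17})"
)


@dataclass(frozen=True)
class Neighbor:
    addr: str
    dev: str
    mac: str  # normalized to lowercase


def parse_ip_neigh(text):
    """Return a Neighbor for every line that carries a link-layer address.

    FAILED/INCOMPLETE entries have no lladdr and are skipped: there is no
    device to attribute them to. MACs are lowercased so that case differences
    between the kernel and the inventory do not create false UNKNOWN hits.
    """
    neighbors = []
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            neighbors.append(Neighbor(m["addr"], m["dev"], m["mac"].lower()))
    return neighbors


def audit_inventory(neighbors, inventory):
    """Diff discovered MACs against the approved inventory.

    Returns (unknown, seen, missing):
      unknown - {mac: sorted addresses} for devices absent from the inventory
      seen    - set of inventory MACs observed on the wire
      missing - {mac: description} for inventory entries never observed,
                which may be stale records or devices that are offline
    """
    inv = {mac.lower(): desc for mac, desc in inventory.items()}
    unknown, seen = {}, set()
    for n in neighbors:
        if n.mac in inv:
            seen.add(n.mac)
        else:
            unknown.setdefault(n.mac, set()).add(n.addr)
    unknown = {mac: sorted(addrs) for mac, addrs in unknown.items()}
    missing = {mac: desc for mac, desc in inv.items() if mac not in seen}
    return unknown, seen, missing


if __name__ == "__main__":
    found = parse_ip_neigh(SAMPLE_NEIGH_OUTPUT)
    unknown, seen, missing = audit_inventory(found, APPROVED_INVENTORY)
    print(f"{len(found)} neighbor entries, {len(seen)} approved devices seen")
    for mac, addrs in sorted(unknown.items()):
        print(f"UNKNOWN  {mac}  {', '.join(addrs)}  -> investigate")
    for mac, desc in sorted(missing.items()):
        print(f"MISSING  {mac}  {desc}  -> stale inventory or offline?")
```

Run it on a host with `ip neigh show | python3 audit.py`-style piping after swapping the constructed sample for `sys.stdin.read()`; the two UNKNOWN rows are the kind of unmanaged device that continuous monitoring is meant to surface, and the MISSING row is the inventory-hygiene problem that the same diff catches for free.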
- Third-party vendor due diligence
Working with third-party technology providers allows organizations to enlist the solutions and platforms they need to operate optimally, without the burden of having to build and maintain those solutions and platforms themselves. Put another way, for most wealth management organizations, the buy-or-build dilemma was decided a long time ago: they buy.
But to operate confidently and securely in an environment in which you can never be too sure of any outside provider’s cybersecurity capabilities, organizations should invest in the ability to validate the cyber defenses of every vendor seeking access to their data. Vendors that don’t meet a predefined threshold should be denied access until they have remediated the gaps in their systems.
- Cybersecurity insurance
The dynamic nature of cyber threats means that no security system can be 100% invulnerable, 100% of the time. For the instances in which data is breached or attackers infiltrate a network with ransomware, organizations should invest in cyber insurance that covers business and operational losses, as well as the costs associated with reputational damage and regulatory penalties.
Continuous Vigilance is Key
Regardless of what happens over the next several months with the ongoing pandemic and our nation’s efforts to further contain it, a few facts are clear:
Remote work will continue to be a major part of the new normal that businesses must accept.
Even under best-case circumstances, remote work opens up new potential cybersecurity risks that should be addressed as soon as possible.
And in terms of the big picture, we are not looking at best-case circumstances. Cyber thieves are continuing to step up their targeting of businesses across the country.
The onus is therefore on cybersecurity decision makers, as they evaluate the threat environment, to take a holistic approach to investing in, and regularly maintaining, their organizations’ cyber defenses.
Sid Yenamandra is CEO of Entreda, a provider of cybersecurity solutions to the independent wealth management space. Entreda is an autonomous subsidiary of Smarsh, a financial services-focused global regtech firm.