Banking Technology Magazine | Banking CIO Outlook
bankingciooutlook
December 201719The threat of debilitating cyber-attacks is at an all-time high. According to PwC's Global Economic Crime Survey, cybercrime is now the second most frequently reported economic crime with financial institutions being a favorite target. Compounding this challenge, financial institutions must store and exchange client information with other institutions and databases to facilitate rapid decisions and transactions. CIOs must focus on securing their own network as well as mitigating the risks that external partners may introduce, all without disrupting business processes. Military and intelligence agencies around the world have grappled with this challenge for years. The same tool they've relied upon could also help financial institutions maintain tight cyber security while enabling new business process optimizations: Secure KM (Keyboard/Mouse) switches.New Regulations Take EffectAs the threat of cyber-attacks on financial institutions became more prevalent and the severity of the damage a breach could have both on the firm and the larger economy became better understood, the New York State Department of Financial Services (DFS) enacted 23 NYCCR500 in early 2017 to establish a standard for licensed firms to follow. 23 NYCCR500 is roughly based on established NIST guidelines which provide a basic outline for cyber security, requiring firms to:1. Identify and assess internal and external cyber vulnerability risks2. Deploy a defensive infrastructure, leveraging technologies that best fit with the organization's business3. Implement policies and procedures to protect the organization's stored Non-Public Information (NPI) against unauthorized access, use, or other malicious acts from both internal and external threats4. Detect cyber threats and breaches5. Deploy business continuity policies and technologies to respond and recover from a cyber attack6. Fulfill regulatory reporting requirements in the event of a breachThe DFS left the actual details up to each individual firm's discretion, requiring that a designated CSO/Risk Manager or board sign off on the firm's policy and audit results.The Secure KM Switch: Secure Access to Critical Information for the Financial ProfessionalBy John Minasyan, Director of Product Management, BelkinCXO INSIGHTS
< Page 9 | Page 11 >