The massive cyberattack on JPMorgan Chase may have been one of the largest hacking attempts against a financial institution in 2014, affecting some 76 million households and seven million small businesses.
As the year comes to an end, CIOs across the world are doing their best to protect their organizations by anticipating threats on the horizon—a very difficult proposition at best.
To assist leaders of banks and other financial services companies, cybersecurity experts at the Booz Allen consulting firm have released their list of Cyber Trends for 2015. The team conducted conversations with information security officers across the financial services sector and analyzed “cyber issues and threats” in an attempt to reveal future modes of cyberattacks.
“Even as cyberattacks are a daily occurrence, we are seeing some major changes on the horizon,” said Booz Allen Principal Albert Belman. “We know the nature of attacks will evolve, yet how? Booz Allen takes a lifecycle approach – Anticipate, Protect, Detect, Respond and Recover – that can address critical questions such as this. When you link together all of these segments, they become very powerful tools that can help our clients thrive in this time of increasing peril.”
Below are Booz Allen’s Top 3 Cyber Security Trends for 2015. Click on this link to see the full list of trends.
- Third-party risk moves to the top of the list. Like other sectors, the financial services industry is a huge mesh of intertwined capabilities. Companies are already aware of the potential cyber risks associated with partners, vendors and other third parties and are feeling more pressure from U.S. and European regulators to better manage this risk. As illustrated by numerous breaches this year, the security posture of critical third parties, such as the retail industry, can have a profound impact on financial services firms. In 2015, there will be a shift towards active cyber risk mitigation and monitoring with third parties, versus the current “self-certification” process that is proving less reliable. Third-party relationships will no longer be an afterthought and security will be built in by design into any product, service, solution or software capability provided by a third party – and subject to frequent testing and updates.
- The rise of the “fusion center.” Financial services institutions have increasingly sought a holistic, integrated approach to cyber security, yet it has often proven elusive. Now, firms are building cyber “fusion centers” that better integrate the many different teams – fraud, cyber, IT, physical security, product development – to boost intelligence, speed response, reduce costs and leverage scarce talent. The result: more efficient and faster threat awareness and mitigation.
- Information protected at the database and data element level. It is the most important question: how does a firm protect its most valuable, sensitive and regulated data and where is it located? In 2015, the discussion will move away from “building bigger walls” to a “defense in depth” risk-based approach around high-risk and high-value repositories that limits the value of raw data (for example, debit card PINs). The use of tokenization, chip cards and other solutions will increasingly render stolen data useless to hackers.
The post Booz Allen Predicts Cyber Security Trends for 2015 appeared first on Outsourcing Insights.