‘It takes a village’ to protect financial sector from cyber threats

U.S. financial service companies are among the favorite targets of hackers and cyber thieves. An effective attack may result in millions of dollars in gains. One successfully-executed cyberattack might bring wealth that lasts a lifetime. 

Conversely, one significant cybersecurity attack on a financial institution might cause instability in the whole financial market. The interconnectivity among the financial institutions is stronger than ever, and the financial sector notably influences the American economy. The U.S. finance, insurance and real estate sectors now account for 20 percent of GDP; compared with only 10 percent in 1947.

{mosads}Because of constant attempts to break into financial companies, cybersecurity departments of major financial institutions face ever-growing challenges. According to Homeland Security Research’s U.S. Financial Services: Cybersecurity Systems & Services Market report, the American financial institution’s cybersecurity market is the largest and fastest growing in the private sector. It is predicted that this market will grow to $68 billion by 2020.

Nevertheless, one of the main weaknesses in financial industry cybersecurity comes from third parties. As seen in recent headlines, breaches in third-party service providers can create damaging issues for the firms that rely on their services.

Due to the increasing interconnectedness of the U.S. financial system, a cyber incident at one entity may impact the safety and soundness of other financial entities and introduce potentially systemic consequences. Most major financial institutions have well-established Security Operation Centers (SOCs), armies of cybersecurity analysts, automated fraud systems and orchestrated cybersecurity workflows.

Secretary of Treasury Steven Mnuchin has made cybersecurity his top technology priority. He said he will use his authority as chairman of the Financial Stability Oversight Council to push financial regulators to strengthen cybersecurity.

First, if Secretary Mnuchin wants to focus on improving the financial sector’s cybersecurity, he should call for more cybersecurity oversight from boards of directors and senior management, holding them accountable for implementing cyber risk management frameworks. Cybersecurity is not a technical challenge anymore, it is a business management challenge.

In the cybersecurity community, there is a saying that the weakest link in cybersecurity is between the PC and the chair. I would add, the third-party vendor is the second-favorite target to access a well-protected company.

Federal regulators should mandate that bank board members have sufficient expertise in cybersecurity. The boards and senior management teams can see the big picture of the financial market and its interdependence. This will elevate cybersecurity from a technical issue to a business and management matter. Cybersecurity awareness must become a norm in the financial sector, rather than an exception. 

Secondly, Secretary Mnuchin should concentrate on better information sharing among the players in the financial market. Information sharing provides intelligence on recent attacks. If shared in a timely manner, this intel might prevent other companies from being exploited using the same attack strategy.

There is a big chance that, if a certain type of attack is penetrating Citibank’s network, JP Morgan and other financial institutions will be next.

Information sharing sits at the core of stability of American financial markets. The Cybersecurity Information Sharing Act of 2015 is a great first step to voluntarily share  threat indicators and defensive measures with other private entities, or the government. But there has to be more done to encourage information sharing. Secretary Mnuchin can become the champion of this effort.

In the meantime, Darknet players have understood for a long time that they are stronger together, not separately. They must be one step ahead in their creativity in order to execute a successful cyberattack.

For that reason, information is one of the most valuable assets on the Darknet. Hackers share vulnerabilities, zero days, targets, tips and stolen identities. This is where private business is losing its cyber competition.

Active three-way information sharing should be encouraged between government agencies with robust cybersecurity capabilities and intelligence, SOCs of financial sector institutions and third-party vendors.

All financial players should be included in information sharing, not only those entities deemed, “too big to fail.” There would be a significantly impact on financial markets if units like exchange platforms or clearinghouses were attacked. The interconnection between financial institutions has to be secured.

Rather than concentrating on individual financial institutions, the Department of the Treasury should focus on the financial market overall due to its interconnectivity.  

Algirde Pipikaite is a cybersecurity expert, digital strategist and vice president of information at CyberSponse, a leading company in cybersecurity automation and orchestration. The views expressed in this article are the author’s own and do not reflect the view of her company or U.S. government.

The views expressed by contributors are their own and not the views of The Hill.