Banking cyber checklist

Cyber threats are all around us. That observation isn’t born of paranoia, it’s an unfortunate reality: every day brings new hacks, new data leaks, new embarrassment, and new financial and commercial costs.

The attacks target companies large and small, as well as public-sector institutions and individuals. So, how can organizations protect themselves in 2023?

Mazars is here to help. We've compiled best practices (below) to help reduce the likelihood of a breach in 2023 and beyond.

  1. Mobile device management (MDM) – Financial institutions should implement MDM tools to monitor physical devices that may contain sensitive financial information. MDM can be used in conjunction with additional monitoring tools such as data loss prevention (DLP) or security information and event management (SIEM) to strengthen visibility into your company’s sensitive data, where it goes and who has accessed it.
  2. Plan on an aggressive, regular practice of applying software patches – While breaking news often breathlessly covers brand new vulnerabilities, most of the successful attack campaigns by threat actors make use of vulnerabilities for which there are already fixes available. Be sure to identify all of the software components in your environment, make sure they all get regular updates and plan to replace those components before they reach their end of life.
  3. Implement secure remote access using multifactor authentication (MFA) – Data on actual attacks shows that attackers consistently make use of insecure remote access to get into victims’ systems and networks. By removing any unused or shadow-IT means of remote access and enforcing strong authentication using MFA, organizations can significantly reduce the likelihood of threat actors using this common means of attack. It’s also important to use strong MFA technology, like a FIDO2-compliant technique or a QR-code-based authenticator app, and not something like SMS or email messages containing one-time codes.
  4. Establish a security baseline for third parties – Manage third-party risk by establishing security baselines for third parties that connect to your environment, access your data or represent your organization (e.g., hosting your website). Make a security review part of your vendor onboarding process and reevaluate those providers every year. If you ask for an independent audit or attestation like a SOC 2, be sure to read the scope of that audit, understand the controls, and determine whether there are any gaps between what was audited and what you expect. Don’t be afraid to ask questions and press your vendors for details.
  5. Train your employees – Humans are the number one contributor to security incidents. Ensure your employees (and contractors) understand their responsibilities to help fight threat actors. The single best security investment is consistent security awareness training for your workforce.
  6. Data classification – Financial institutions should consider reviewing and enhancing their data classification policy/program as needed. Given the sensitive nature of financial/personal banking information, the organization should know where this data sits at all times, when it was accessed and whether it has been disseminated inappropriately. As with MDM, DLP tools can often help strengthen the data classification process, provided the organization has first identified where its sensitive data sits.
  7. Invest more in your security – The mantra shouldn’t be investing in security “if” we get attacked; instead, invest in security in preparation for “when” you get attacked. It’s critical to have not only advanced network security tools, but also strong IT and legal teams.
  8. Encrypt data – Encryption technologies can significantly help mitigate the consequences of cyberattacks. Encrypting your data now can potentially save your organization from steep government penalties.
  9. Practice incident response – It’s not enough to just have an incident response plan; you have to drill it with your teams. Practice the plan against a variety of scenarios that might occur (e.g., a ransomware attack, a failure at a critical third party during peak shopping season). Test your team’s preparedness as well as the effectiveness of the plan itself. Don’t be afraid to adapt it to new threats or changes in your environment, and don’t hesitate to script specific playbooks for specific scenarios.

Is your organization falling short of some of these best practices, or are you looking to improve your business’ cybersecurity? Mazars’ Cybersecurity Consulting team can help. Contact us today for more information or to talk with one of our team members.