It’s Not Too Late: Financial Sector on Alert

Cyber warfare is one of the primary tools of the modern global military today. The threat to cybersecurity has soared to new heights with the Russia-Ukraine conflict. Just after the conflict was initiated, cyberattacks were observed at an increase of over 800% in a 48-hour period. High alerts have been shared out by the FBI, Department of Homeland Security and U.S. cybersecurity agencies. These alerts covered threat levels, response and preparedness.

Security experts have expressed the concern about hacks on the energy and finance industries. The primary sectors to be on alert, according to the presidential administration, include banks, power companies and drug makers, among others.

The world is experiencing extraordinary times. Amid a global pandemic, the war in Ukraine has undoubtedly disrupted the global balance. It is important to be prepared for the many circumstances and attacks. Financial institutions should consider all aspects of preventative actions, from staffing and budgeting to creating an achievable roadmap.

Financial institutions are generally considered ahead of the curve when it comes to their defense against hackers and cyberattacks due to their highly regulated nature. However, as financial institutions continue to shift to online and virtual servicing, their risks continue to heighten.

Top 3 Things Your Credit Union Can Do

• Prepare: Being prepared is the first step in combating threats like ransomware. Test your backups and validate your recovery plans – and your continuity plans as well. Take the path of scenario planning on every component of your systems.
• Lock Down: Go through every aspect of your network, modify policies for sending files or link sharing, and reduce potential risk points like chat applications.
• Respond: Get organized. Designate a response team, complete trial walk-throughs and reinforce how information for teams, members and employees will be shared in the event of a crisis.

Acknowledging the high cost of an attack, financial institutions are looking for ways to safeguard against cyber threats. One way for organizations to protect themselves is by investing in cyber insurance and implementing the cybersecurity controls they require. Cyber insurance helps companies mitigate losses from a variety of cyber incidents. While cyber insurance does not protect against the actual hack, it does aid in mitigating losses from a data breach involving private consumer information to system impairment and interruption.

There are a number of benefits to having cyber insurance beyond aiding in financial recovery. For example, insurers help monitor and assess risk within an enterprise. Cyber coverage can reduce attacks by identifying vulnerabilities and requiring stronger security protocols from the financial institutions. As the cyber landscape changes, the insurers change their requirements and policies to better prepare financial institutions for an attack. Having a proactive approach and detailed recovery plan is necessary to securing a financial institution against an attack.

At bare minimum, financial institutions should be implementing multi-factor authentication and conducting cybersecurity awareness training, and have a prepared response and recovery plan for when the next cyberattack occurs. Cyber insurance can help mitigate the risk of being attacked and any losses incurred, as well as drive financial institutions to adopt cybersecurity best practices. Financial institutions may have a target on their backs as an industry, but it should also be known that circumventing cyberattacks is possible with the right approach.

It has been said that the best time to plant a tree was 20 years ago. While that may be true, there’s no time like the present to protect your organization and your members. It’s only too late when you’ve waited and an attack has occurred.

Ann Davidson Vice President, Risk Consulting Allied Solutions Carmel, Ind.