Read the interview and learn about:
- The threat actors and their targets
- How the cloud can protect against cyber threats
- Building resiliency against the dynamic nature of cyber-attacks
- Developing an industry security ecosystem and cyber threat intelligence
- Protecting your digital assets and their data
Security Architect, Director, SimCorp
The financial sector has featured as one of the top 5 industries attacked by various cyber threat actors for a number of years. While security is taken very seriously by most organizations, a few still view this as another compliance task. Cloud transformation could provide a path to resiliency against the dynamic nature of cyber-attacks. This article gives some guidance as to how investment managers can approach strategic cyber threats.
Cyber security incidents are increasing at an alarming rate and impacting the investment management industry. Cyber security has moved from being a technology problem to being a board-level and senior-management concern. The threat landscape is becoming more and more sophisticated: it is no longer a matter of spotty-teenager activities, but of complex, well-funded organized cybercrime. It will be key to develop a security ecosystem within the investment management community, as any downstream supply chain would affect the security posture.
Who are the threat actors and what are their targets?
Based on reports collected from multiple organizations that specialize in data breach investigations and cyber incident management and response, the primary threat actors can be split into cybercriminals, hacktivists, and advanced persistent threat (APT) groups. Cybercriminals seek financial account data or other valuable data that they can monetize and use for further fraudulent transfers. Hacktivists look to gain publicity by causing disruption to activities. The most complex threat actors are the APT groups, who use a range of tools and tactics and take direction from nation states to steal information or conduct attacks to pursue their targeted objectives.
Protecting digital assets depending on importance and location
Organizations’ digital footprint is expanding faster than ever before, and shadow IT is becoming a growing concern. An option is to make use of tools like ‘digital asset management’, which gives organizations the ability to identify digital assets that need to be protected and shielded against cyber threat actors. A paradigm shift is happening towards a risk-based security model where security controls are applied based on the criticality of the digital asset’s data. Most organizations already use business-critical software-as-a-service cloud applications like CRM and HR management systems where the data resides outside the organization’s perimeter. So, focus should be on data-centric security controls rather than perimeter-based security controls.
From a security perspective, investment managers are concerned about the confidentiality, integrity, and the availability of business-critical data and information.
Sailesh Rajendran, Security Architect, Director, SimCorp
With the wider adoption of hybrid cloud services, they are facing further challenges. Authentication and access of key information from corporate-approved locations should be considered carefully to help mitigate threats like changed destinations for money transfers and market manipulation.
Services like ‘single sign-on’ make it easy for the user to traverse multiple applications without having to re-authenticate, which also enables external intruders to travel further once they have infiltrated the corporate infrastructure and gained access. There are few practical defenses against that, so the focus should be on minimizing the impact, primarily through application of the principle of least privilege.
Quantum computing is fast nearing practical reality. The security threat here is that once nation state hackers have the technology available, they will be able to decrypt widely used encryption like SSL and thus turn a large part of the internet toxic. Luckily, there are already quantum-safe encryption tools available today. There is no need to rush out today to get this, but this is an area to prepare for. It should also be noted that any encrypted data exchanged today could be siphoned off and stored for later decryption, thus spilling today’s secrets tomorrow, which may or may not matter in specific cases.