Malware. Social engineering. Denial of service. In recent years, these and other harmful cyber attacks against American financial institutions have increased in frequency and severity. The result? Many bank CEOs now identify cybercrime as their No. 1 concern. These attacks take computing prowess. So, more and more often, they are backed by players with copious amounts of capital. And they involve the use of artificial intelligence (AI) tools to quickly crack passwords and breach other security measures. If your bank doesn't have sufficient real-time monitoring, comprehensive breach notifications and alerts, and sophisticated vulnerability assessment capabilities, it is among those most at risk.
Earlier this month, the Department of Homeland Security's dedicated cyber advisory unit, the Cybersecurity and Infrastructure Security Agency, issued a warning regarding the intensified threat of a cyber attack amid increasing geopolitical tensions. In the wake of this warning, America's financial regulatory heavyweights doubled down on the critical importance of prioritizing cybersecurity preparedness and resiliency in the financial services industry.
Specifically, last week, the Office of the Comptroller of the Currency (OCC) and Federal Deposit Insurance Corporation (FDIC) issued a joint statement on heightened cybersecurity risk. In the bulletin, the OCC and FDIC reminded banks to use sound risk management principles and risk mitigation techniques to reduce the risk of cyber attack and minimize the negative impacts of a successful attack. The statement covered response, resilience, and recovery capabilities, system configuration, authentication, and examples of strong IT risk management practices and controls.
The regulators advise banks and financial institutions to:
- Ensure sufficient mirroring and data replication capabilities to back up production systems on a near-real-time basis
- Backup systems either on segmented portions of the network or offline
- Regularly test recovery capabilities to respond to ransomware or malware
- Conduct periodic exercises to demonstrate that cyber recovery capabilities function as expected