The goals of your plan:
- The internal processes your company will activate in response to a security event;
- Clear roles, responsibilities, and levels of decision-making authority;
- Communications and information sharing both inside and outside your company;
- A process to fix any identified weaknesses in your systems and controls;
- Procedures for documenting and reporting security events and your company’s response; and
- A post-mortem of what happened and a revision of your incident response plan and information security program based on what you learned.
Company decision makers, especially those with an in-house IT department, will likely look to do this internally, and that is certainly possible. However, compliance is essential, so companies that don't have dedicated IT personnel, or whose IT department lacks the experience, training, or manpower to oversee this program, need an alternative solution.
Staff could run vulnerability scans, and a qualified individual (e.g. a more junior cybersecurity staffer) could serve as the CISO. But internal security teams often struggle to stay vigilant for insider threats because they are already beyond their bandwidth with risk management tasks. Is it worth the risk for staff to take on program oversight as well?
Learn from the Mistakes of Others
Not sure what to include in your plan? Besides implementing a data protection solution specific to financial services, one of the best methods of mitigating data breaches is learning from the mistakes of others.
Beyond keeping security tooling, software, and hardware updated, other important lessons from past breaches are:
- Run thorough internal and external vulnerability scans, and address every finding, regardless of how simple the vulnerability seems.
- Regardless of how sophisticated your security program is, basic lapses in system maintenance can lead to data breaches.
- Breached information has included data not considered highly sensitive (data commonly exchanged during the normal course of business), so protection cannot stop at the most sensitive records.
- Staff are often unaware of cyber threats and even less likely to know how to deal with them. Humans will always be the weakest link in a cybersecurity program, so to preserve the value of security control investments, financial services firms must implement cyber threat awareness training in the workplace.
- Look for signs of employee dissatisfaction; a malicious insider's actions can easily be mistaken for legitimate day-to-day tasks, and internal security teams already stretched by risk management work find it hard to stay vigilant for insider threats.
- Secure all privileged access
- Streamline vendor risk management
- Limit login attempts
- Use device cookies
- Don't reveal correct credentials - Prevent login fields from confirming which specific details are correct.
- Use CAPTCHAs
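The four login controls above fit together in one handler. The following is an added example written for this page, not code from the original post: a login service with a per-account failure limit, "device cookies" (an HMAC-signed token issued to a browser only after a successful login, so that attackers hammering the account lock only the shared "untrusted" bucket while the real user's known device keeps working), one generic error message whether the username is unknown, the password is wrong, or the account is locked, and a flag telling the front end when to demand a CAPTCHA. The thresholds, the cookie-signing key, and the sample user store are assumptions, not values from the post.

```python
import hashlib
import hmac
import secrets
import time

# Policy values are assumptions; the post gives no thresholds.
MAX_FAILURES = 5            # failures per bucket before it locks
CAPTCHA_AFTER = 3           # untrusted failures before a CAPTCHA is demanded
LOCKOUT_SECONDS = 15 * 60   # how long a locked bucket stays locked
GENERIC_ERROR = "Invalid username or password."  # one message for every failure
# Assumed server-side secret; in production load it from config or a KMS so it
# survives restarts and is shared across instances.
DEVICE_COOKIE_KEY = secrets.token_bytes(32)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed sample credential store: username -> (salt, pbkdf2 hash).
_SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
USERS = {"alice": (_SALT, hash_password("correct horse battery", _SALT))}
# Dummy record so an unknown username costs the same work as a known one
# (no timing oracle on whether an account exists).
_DUMMY = (bytes(16), hash_password("", bytes(16)))


class LoginService:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.failures = {}  # bucket -> (failure_count, locked_until)

    # -- device cookies: issued only after a successful login ---------------
    def issue_device_cookie(self, username: str) -> str:
        nonce = secrets.token_hex(16)
        tag = hmac.new(DEVICE_COOKIE_KEY, f"{username}:{nonce}".encode(), "sha256").hexdigest()
        return f"{username}:{nonce}:{tag}"

    def _device_nonce(self, cookie, username):
        """Return the cookie's nonce if it is authentic and bound to this user."""
        if not cookie:
            return None
        parts = cookie.rsplit(":", 2)   # nonce and tag are hex, so only the user part may hold ':'
        if len(parts) != 3:
            return None
        user, nonce, tag = parts
        expect = hmac.new(DEVICE_COOKIE_KEY, f"{user}:{nonce}".encode(), "sha256").hexdigest()
        if user == username and hmac.compare_digest(tag, expect):
            return nonce
        return None

    # -- lockout buckets ------------------------------------------------------
    def _is_locked(self, bucket):
        count, until = self.failures.get(bucket, (0, 0.0))
        if until and until <= self.clock():
            self.failures.pop(bucket, None)   # lockout expired: start fresh
            return False
        return until > self.clock()

    def _record_failure(self, bucket):
        count, until = self.failures.get(bucket, (0, 0.0))
        count += 1
        if count >= MAX_FAILURES:
            until = self.clock() + LOCKOUT_SECONDS
        self.failures[bucket] = (count, until)
        return count

    def login(self, username, password, device_cookie=None):
        nonce = self._device_nonce(device_cookie, username)
        # A recognised device gets its own bucket; all unrecognised clients share
        # the account's "untrusted" bucket. A brute-force campaign therefore locks
        # untrusted clients without locking the real user out of a known device.
        bucket = f"{username}/device/{nonce}" if nonce else f"{username}/untrusted"
        if self._is_locked(bucket):
            return {"ok": False, "message": GENERIC_ERROR, "device_cookie": None,
                    "captcha_required": nonce is None}
        salt, stored = USERS.get(username, _DUMMY)
        computed = hash_password(password, salt)      # always do the work, even for unknown users
        valid = username in USERS and hmac.compare_digest(computed, stored)
        if not valid:
            count = self._record_failure(bucket)
            return {"ok": False, "message": GENERIC_ERROR, "device_cookie": None,
                    "captcha_required": nonce is None and count >= CAPTCHA_AFTER}
        self.failures.pop(bucket, None)
        return {"ok": True, "message": "Welcome", "captcha_required": False,
                "device_cookie": self.issue_device_cookie(username)}


if __name__ == "__main__":
    svc = LoginService()
    print(svc.login("alice", "correct horse battery"))   # ok, cookie issued
    print(svc.login("alice", "guess"))                    # generic error
```

In a real deployment the failure table lives in a shared store (not a per-process dict), device cookies carry an expiry and are rotated on each login, and the untrusted bucket is usually paired with per-source-IP throttling. Note that a stolen cookie is bound to one username, so it cannot be used to exempt attacks on a different account.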
In general, good practices for better security should always include, but are not limited to, the following:
- Annual penetration tests
- Security audits
- Updated incident response plans
- Cybersecurity training
Does your company have the right cybersecurity plan in place? Contact us for more information on how our customizable services may help protect your business.
Posted by Katie Cassens