Outdated legacy systems offering an attack surface are in the financial sector more prevalent than in other industries. The interconnectedness between financial organizations is high through bilateral trading, settlement and clearing platforms such as the central bank or payment institutions. Should an attack arise in one organization, spillover effects to other institutions are thus relatively likely: In an industry - where trusting the intermediary is a crucial ingredient of the business model - lengthy outages and compromised data integrity would have adverse effect on customer confidence and liquidity. This could have drastic effect on the stability of the whole sector.
According to the SIX Cyber Security Report the number of cyber attacks observed in the Swiss financial sector is much lower than in other financial centers around the world. What sounds good, is not necessarily a positive sign. Based on interviews with industry experts and CISOs of Swiss banks SIX argues that the low number of reported attacks can also be a symptom of insignificant data breach reporting standards and a lack of visibility.
Top cyber securty challenges reported by Swiss CISOs in the financial industry.
Source: SIX Cyber Secuity Report.
Increased collaboration: Both, the IMF and SIX call for increased exchange and collaboration between institutions to increase knowledge and being able to act quickly and coordinated on potential attacks.
Clear regulation: Also regulations need become clearer regarding cyber security standards but Swiss CISOs are reporting to SIX that they are concerned about being underfunded and understaffed to adhere to those regulations.
Move beyond prevention: While preventing cyber attacks from happening is an important foundation, the IMF argues that for financial stability more is needed. Timely detection, response and recovery is key.
Our goal is to support financial institutions in detecting cyber threats in an automated manner before an actual data breach happens. With the help of AI and big data algorithms our Network Detection and Response software detects unusual patterns within billions of data points in the IT network of financial institutions and report them in a detailed and timely manner. Our customers, such as PostFinance and another system critical bank in Switzerland use ExeonTrace to focus on real threats and free their security teams from manually searching cyber incidents or battling with too many false alerts.
For more information contact us or watch our recent webinar on cyber resilience, where our CEO and founder David Gugelmann describes how ExeonTrace works on the example of Cobalt Strike. Cobalt Strike is a "off the shelve" malware that was used for various ransomware attacks, also in Switzerland.
The author: Carola Hug is COO of Exeon Analytics