The challenges of cyber security and the role of CISOs

26 March 2014

The issue of cyber security is one that has been growing and making its way up the priority lists of companies all over the world, as attacks become more sophisticated and commonplace. This is particularly true within the financial services sector, where cyber attacks are taking place more regularly and have the potential to cause serious damage.

The vulnerability of the financial sector to attack has led many major players in the industry, as well as politicians, regulators and policymakers to voice their concerns over the possibility that cyber security failures could lead to the potential instability of the global financial system.

Attacks on member exchanges led the World Federation of Exchanges to create its first cyber security committee, whose aim is to improve information sharing on threat intelligence, attack trends, and common policies, standards and technologies.

Governments all over the world, and the European Union, have also dedicated significant resources to stress testing the systems and practices of financial services organisations. In the UK, the Waking Shark II exercise simulated a major cyber attack on the nation's financial system to test its readiness under realistic conditions.

In Japan, the government recently ran a cyber attack drill to identify weaknesses and vulnerabilities across 21 state ministries and agencies and 10 industry associations, including the Treasury.


New threats to cyber security

Bypassing security controls to steal sensitive information or deny service is big business for parties that hope to profit from that access. As defences become more sophisticated, so too do the ways in which cyber criminals attack financial services firms, utility companies and government departments.

So, what are the most common types of cyber attack at the moment?

PandaLabs recently reported that malware remains one of the most common tools used by cybercriminals. It noted that in 2013 alone, attackers created and distributed 20 per cent of all malware that has ever existed, with some 30 million new malicious samples put into circulation, an average of 82,000 per day.

With so many different types of malware, and a vast range of programs within each type, it is important that every sample can be unambiguously classified and easily distinguished from other malicious programs, otherwise detections, advisories and clean-up procedures cannot be matched to the threat actually present.

Trojan attacks remain commonplace, but researchers at PandaLabs highlighted a notable resurgence of ransomware, with CryptoLocker one of the most widespread and damaging examples. Ransomware is malware that denies the victim access to their data or system, typically by encrypting files, until a ransom is paid; payment buys (at best) the decryption key, not the removal of the infection, so backups held offline remain the only reliable recovery path.

Other risks in the cyber security arena include botnet attacks, which are again increasing in frequency and sophistication. Essentially, a bot is a program that connects to something, usually a command-and-control server, and executes the series of commands it receives; a botnet is a collection of infected machines running such bots under a single operator's control.

They can be used to steal trade secrets, insert malware into source code files, disrupt access to services, compromise data integrity and steal employee identity information, all of which can be seriously damaging to a financial company or government department.

Some of the threats that the various botnets pose to companies include click fraud, Distributed Denial of Service (DDoS) attacks, file system infiltration, disabling of existing security controls and source code infection.
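The defining behaviour described above, a bot that connects to its server on a schedule to fetch commands, is also what gives it away on the network. The following is an added example (not code from the original article or from PandaLabs) of the detection logic a security operations team might run over proxy logs: it groups connections by source and destination and flags pairs whose inter-connection gaps are suspiciously regular. The log format, host names, addresses and thresholds are all constructed for the example.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample proxy log lines (not from any real environment).
# Format: "<ISO timestamp> <source host> <destination ip:port> <bytes sent>"
# ws-017 contacts 203.0.113.10 every ~5 minutes with a near-constant payload
# (bot check-in), and 198.51.100.7 a few times at irregular intervals
# (ordinary browsing).
SAMPLE_LOG = """\
2014-03-26T09:00:00 ws-017 203.0.113.10:443 512
2014-03-26T09:00:03 ws-017 198.51.100.7:443 20480
2014-03-26T09:05:01 ws-017 203.0.113.10:443 498
2014-03-26T09:07:44 ws-017 198.51.100.7:443 1200
2014-03-26T09:10:00 ws-017 203.0.113.10:443 510
2014-03-26T09:15:02 ws-017 203.0.113.10:443 505
2014-03-26T09:20:01 ws-017 203.0.113.10:443 501
2014-03-26T09:23:10 ws-017 198.51.100.7:443 90000
2014-03-26T09:25:00 ws-017 203.0.113.10:443 507
2014-03-26T09:30:01 ws-017 203.0.113.10:443 499
"""


def parse_log(text):
    """Parse the constructed four-column format into (ts, src, dst, bytes) tuples."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, nbytes = line.split()
        records.append((datetime.fromisoformat(ts), src, dst, int(nbytes)))
    return records


def detect_beacons(text, min_hits=5, max_cv=0.1):
    """Flag (src, dst) pairs whose connection intervals are suspiciously regular.

    Regularity is measured as the coefficient of variation (stdev / mean) of
    the gaps between successive connections: a bot's sleep loop gives a small
    value, a human's browsing a large one. min_hits and max_cv are
    illustrative assumptions, not tuned values.
    """
    by_pair = defaultdict(list)
    for ts, src, dst, nbytes in parse_log(text):
        by_pair[(src, dst)].append((ts, nbytes))

    findings = []
    for (src, dst), events in by_pair.items():
        if len(events) < min_hits:      # too few samples to judge periodicity
            continue
        events.sort()
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(events, events[1:])]
        avg = mean(gaps)
        cv = pstdev(gaps) / avg if avg else float("inf")
        if cv <= max_cv:
            findings.append({
                "src": src,
                "dst": dst,
                "hits": len(events),
                "mean_interval_s": round(avg, 1),
                "interval_cv": round(cv, 4),
                "mean_bytes": round(mean(b for _, b in events)),
            })
    return findings


if __name__ == "__main__":
    for f in detect_beacons(SAMPLE_LOG):
        print(f"possible beacon: {f['src']} -> {f['dst']} every ~{f['mean_interval_s']}s "
              f"({f['hits']} hits, cv={f['interval_cv']}, ~{f['mean_bytes']} bytes)")
```

On the sample data only the 203.0.113.10 pair is reported (seven check-ins roughly 300 seconds apart). The caveat a practitioner would add: bots that randomise their sleep interval (jitter) inflate the coefficient of variation and slip past a threshold like this, so in practice such a check is combined with destination reputation, payload-size consistency and time-of-day patterns rather than used alone.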


The role of the CISO

Businesses operating in the financial services industry need to take action to protect themselves from the various attacks they may face. In today's business environment, that means balancing the demands of cyber threats with regulatory compliance, and broadening the skills of the chief information security officer (CISO).

CISOs face an increasing range of challenges in the modern business landscape as cyber attacks become more prevalent. It is no longer enough for professionals in these roles to monitor security and keep software up to date.

The skills required of those in CISO positions have grown accordingly, with communication with board members and managers now imperative to running a business that is secure against cyber attacks. The role has evolved significantly, and CISOs must offer advice and guidance on how technology can improve the company while keeping it protected.

The CISO must move from being a technical risk expert who focuses on the danger of loss to someone who treats risk as a central part of the role, understanding business priorities while continuing to uphold the organisation's ethical standards.

Professionals in this role need to consider a wide range of factors when protecting their organisation, such as which kinds of attacker would be interested in the information the company holds, which data is likely to be a target, and what the business impact of falling victim to an attack would be.

It is also important for CISOs to consider how easily a successful attacker could copy the data they are after, how quickly the organisation would be alerted to an attack in progress, and how it would react to stop it. Creating and rehearsing an incident response plan is crucial, and is becoming an ever more important part of the CISO role.


By Gary Cooper
