Executive Strategies for Cyber-Resilient Banking

Increase Resilience Against Third-Party Risk with These 5 Strategies

David Monnier, Chief Evangelist at Team Cymru

Banks today are embracing Digital Transformation to expand capabilities, maximize profits, and increase customer offerings. In 2023, 74% of banks were accelerating their digital transformation. This expansion wouldn’t be possible without third-party platforms and providers, like cloud infrastructures.

However, financial institutions may not be fully aware of the cyber risks from these third-party providers due to a lack of visibility. 61% of organizations lack a comprehensive inventory of third parties with whom they share sensitive information — meaning three out of five organizations aren’t sure what assets third parties can access. Unfortunately, most vulnerabilities in bank assets are associated with third parties, according to our new report on “The Digital Risk Landscape.” Even one compromised vulnerability can impact operations and cause financial and reputational loss.

Yet, banks can take steps to ensure their data, assets, and customers stay safe from attack. Here’s how top-level banking executives can foster a culture of cyber resilience and navigate digital risks.

Why Banks Need Cyber Resilience

We often hear about large-scale data breaches and attacks, but how do malicious actors typically infiltrate organizations? Through vulnerabilities in their external digital assets, which include web domains and IP addresses that make up various global assets and extend to create third-party dependencies. You can build the strongest wall around your organization, but if there’s a door open, someone can get in—especially if you don’t secure that door yourself and rely on someone beyond your control.

For our “The Digital Risk Landscape” report, we analyzed the internet-facing digital assets of five top financial institutions and found that many doors are open, inviting attack:

• Upwards of 7% of a bank’s digital assets could contain vulnerabilities ready to be exploited.
• 75% of those vulnerabilities are associated with third-party platforms, Amazon being the most prevalent.
• There were 537 vulnerabilities across those digital assets, with 161 unique IDs.

What does this mean for banking leaders? First, even the largest financial institutions have vulnerabilities in their assets that can be exploited. Second, many banks lack a way to detect and remediate these vulnerabilities in a timely fashion, leaving the window open for attackers. Finally, third parties are associated with three out of four vulnerabilities.

The real story is the financial impact these vulnerabilities can lead to if exploited: unauthorized data access; attacks introducing malicious code to unused memory; server shutdowns or system disruptions; disruption of web communications; and attacks displaying old or sensitive data.

These impacts can lead to more than financial losses, such as damaged reputation, legal implications, loss of trust, regulatory fines, direct revenue loss due to downtime, increased IT costs to restore services, and contractual penalties.

Even one unremediated vulnerability poses a lot of risk. What can banks do to protect themselves against these business impacts?

How to Build Resiliency and Protect Against Cyber Risk

To reduce the potential of exploitation, financial institutions need a process through which they can know what vulnerabilities exist in what assets, and take steps to remedy those vulnerabilities — essentially finding the open doors in the fortress wall and closing them. Here are five ways to build resilience and proactive protection in your security.

1. Inventory your assets, adding context and business risk

Fewer than 1% of companies have visibility into 95% or more of their assets, meaning that most companies simply don’t know what assets are under their purview to protect. To safeguard your financial organization from potential threats, start by understanding what your digital assets are and where they are. You can do this with security tools designed to inventory your assets, measure your attack surface, and assess vulnerabilities in both your and your third-party assets.

1. Understand your third-party risk and where it’s coming from

Just discovering and inventorying all your external digital assets is a start. Next, analyze the potential business risk of these assets on your operations. Some may be harmless even if compromised, while others could be highly impactful to operations. Additionally, raise your awareness around where your third-party risks may be coming from, like during new integrations, and the extent of your corporate reliance on third parties.

1. Use greater visibility into third-party risk to improve regulatory adherence

Regulatory bodies are increasingly emphasizing the importance of third-party asset visibility, as compromised third-party and supply chain assets can impact compliance as well — especially when malicious attacks on software supply chains haveincreased by 742% since 2019. Again, investing in tools that monitor your third-party partners and supply chain can help you detect potential compromise before it causes damage.

1. Increase transparent communication around cyber risk

In addition to using security tools to build cyber risk resilience, increase your communication to build resilience as well. Regular internal discussions about security postures and risk mitigation can raise awareness around best practices and contribute to a unified front when it comes to security. Communicating business impact and risk of undetected and unremediated vulnerabilities to leadership can also build support and funding for security initiatives.

1. Plan for incident response and recovery

Finally, resilience isn’t just monitoring your attack surface and taking action to remediate vulnerabilities. It also includes creating a plan for a quick response when one of the vulnerabilities has been exploited. Draw up a clear incident response and recovery plan informed by insights from vulnerability assessments with a playbook that includes specific roles and actions for a prompt and effective response to any security breach.

Building Cyber Resilience Today

Banks are accelerating their Digital Transformation today, but they’re incurring more risk by using even the most common and trusted third-party platforms. To stay ahead of malicious actors looking to exploit vulnerabilities, banking leaders can build their cyber resiliency by knowing their assets and each one’s business risk, increasing communication within their organization about cybersecurity topics and preparedness, and ensuring they have a robust playbook for incident response. Let these cyber resilience strategies be a foundation for your digital acceleration into the future.

Author:

David Monnier, Chief Evangelist at Team Cymru, brings over two decades of cybersecurity expertise, particularly in cyber intelligence. His career began in the U.S. Marine Corps, transitioning to pivotal roles in cybersecurity where he shaped advanced threat analysis systems and network defenses. At Team Cymru, David has led key initiatives to standardize and enhance the security of threat intelligence infrastructure, significantly impacting global internet safety. His work as a keynote speaker has influenced top industry events worldwide.