Page 28 - Cyber Warnings
P. 28
In order for any organization in finance to successfully field compliance hurdles and the
seemingly unlimited cyber-attacks leveled against them, they need a solution that thinks more
like a human than a machine.
Financial cybersecurity groups could solve a large percentage of their challenges with a solution
that can execute cybersecurity functions with the same institutional knowledge as a human
cyber-analyst.
To keep up with the high pace of cyber-attacks, we must turn to artificial intelligence driven
analytics. One can use regulatory mandates to generate the necessities of a beneficial AI
analytics solution. Examples include:
• Data mapping of all the institutions digital assets
• Policy violation detection
• Suggest courses of action consistent with Incident Response plans
• Assist all levels of cybersecurity personnel with repetitive tasking and monitoring
vigilance.
• Generate and maintain threat and risk analysis
• Notification of reports and events to relevant parties
o Quarterly operations report to board members
o Daily operations summaries to CISO
o Alerts to cybersecurity operations staff upon event detection.
To comply with regulations and perform good cybersecurity you must know your institution’s
data and network, know your institution’s assets and risks, have written cybersecurity policies,
have plans for when incidents and policy violations occur, and quickly be able to notify the right
personnel when these are detected.
These challenges often inflate operational cost and showcase the enormity of the difficult-to-
defend information silos that commonly exist throughout the banking sector.
Further complicating these challenges are groups like Dark Web that are willing to pay
employees large bounties in exchange for proprietary or insider intelligence that can help an
attacker penetrate a corporate network.
Low-level and less compensated employees like tellers have been especially susceptible to
those types of bribes within the financial sector.
Seeing the DarkLight
Similarly, the U.S. Department of Energy’s Pacific Northwest National Lab (PNNL) (operated by
Battelle) faces the challenge of successfully navigating the turbulent waters of cyber and
information security.
28 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
