In the aftermath of many recent data breaches targeting banks, and the announcement that a group of cybercriminals stole at as much as $900 million from banks around the world using malware, financial regulators are starting to get more serious about their cybersecurity requirements.
Regulators in New York announced this week that they will begin to consider stricter cybersecurity requirements for banks that would mandate more complex computer login procedures and make contractors receive certifications of their cyberdefenses. Ben Lawsky, superintendents of the state's Department of Financial Services, said that the agency is already updating its regular examinations of banks and insurance providers to add targeted assessment of barriers against hackers.
Lawsky added that if these changes aren't implemented quickly, he is worried that the financial system will become the target of a major cyberattack within the next decade, creating panic that could spread into the wider economy.
"At DFS, we believe that cybersecurity is likely the most important issue we will face in 2015 and perhaps for many years to come after that," said Lawsky.
Increased threat detection necessary to fight cybercrime
He went on to say that the usernames and passwords that have been the norm for those operating online are no longer sufficient, and organizations need to move toward multi-factor authentication systems and add in extra layers of security to reinforce defenses.
DFS is also looking into adding random audits of the monitoring and filtering computer systems used by financial firms to try and identify illicit transactions. In just the last four years, the agency has reached numerous multimillion-dollar settlements with banks accused of making transactions through their New York branches on behalf of clients in countries with which the U.S. has barred trade.
"Money is the oxygen feeding the fire that is terrorism. Without moving massive amounts of money around the globe, international terrorism cannot thrive," said Lawsky.
In an effort to increase the protection of the massive amounts of data they store, many financial institutions have begun to implement big data security solutions to quickly and accurately detect intrusions. Network monitoring and threat detection services are one such tool. Monitoring solutions employ big data analytics to analyze the vast amount of information created by banks and other financial firms in order to detect anomalous activity that may suggest a malicious intrusion. Big data security programs are constantly recording network event activity so organizations can receive actionable threat information to use in the creation of a more robust security policy.
Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. Firebreak, when your firewall fails.