2. Focus on third-party risk management
Cybersecurity vigilance also extends to a finance organization’s suppliers and vendors.
As they seek to get around traditional defenses, cybercriminals are increasingly finding and attacking the least secure business in the supply chain and using it as a foothold to gradually compromise their partners.
The financial services sector is acutely aware of these risks and the need to properly manage them. However, security professionals are often hampered by the limitations of traditional vendor security assessments that provide incomplete and time-bound views of cyber risk.
A better approach is to use tools that provide deep and continuous insight into the risks and security performance of every organization in a company’s supply chain. Using these data-driven insights, security and risk management teams can speed up their vendor onboarding processes and, once the contract is signed, keep tabs on their vendors’ security postures for the remainder of their partnerships.
Business leaders also benefit. With an unparalleled visibility into third-party cyber risk, they can make informed decisions about which organizations to do business with, hold those accountable for security performance, and, ultimately, reduce the risk of a supply chain attack.
3. Share information on cyber risk
Acting in collaboration rather than in isolation is key to thwarting threat actors. This is something the financial services sector already does well. For instance, the Financial Services Information and Sharing Center (FS-ISAC) is a forum dedicated to strengthening the financial system through a global peer-to-peer network of experts and practitioners.
Firms ..
Support the originator by clicking the read the rest link below.
