top of page

Cyber Strategy: Don’t Focus on Prevention — Master Resilience

Source From / Akamai Official Blog


In an era in which digital innovation propels us forward, cybersecurity must remain a business priority to ensure the integrity, confidentiality, and availability of sensitive financial information. With Cybercrime Magazine predicting more than US $10 trillion in costs associated with cyberattacks by 2025, financial institutions must stay ahead of adversaries, not only as a defensive measure but as an indispensable commitment to resilience, trust, and the uninterrupted flow of prosperity.


An effective security posture must go beyond building a robust defense. Given all that is at stake and the current cybersecurity reality, prevention simply isn’t enough anymore. Failing to prioritize resiliency as well as vigilance exposes financial institutions to myriad risks, including regulatory fines, erosion of customer trust, revenue losses, and damage to reputation and brand integrity.


The new reality of cyberattacks

Cyberattacks targeting financial institutions have become increasingly sophisticated, complex, and persistent. Attackers use sophisticated methods such as zero-day exploits, social engineering, and targeted malware — all of which make it difficult to prevent attacks. That concern is compounded by an attack surface that is rapidly expanding and changing, with more than 83% of web traffic today using application programming interface (API) requests.


Even when a financial institution feels that it has locked out all external threats, there is still the risk of cybercrime originating from internal breaches, third-party vendors, and nation-state actors. The last two years have seen a jump of almost 44% in insider threat, with larger financial institutions having a higher likelihood of an internal cybercrime incident.

With the reality of all businesses facing cybercrime, regulatory frameworks and compliance standards will increasingly emphasize cyberattack resilience — not just prevention. The Digital Operational Resilience Act is a clear example, stressing the need for financial entities to demonstrate the ability to withstand, respond to, and recover from cyber incidents.


The importance of cyber resilience

Why is cyber resilience important? Because proactive preparation and response mitigate damage. That response must go beyond mere prevention, and acknowledge the inevitability of cyber incidents. It should focus on the financial institution’s ability to withstand, adapt, and continue operating in the face of challenges, mitigating further damage and protecting the institution from legal risks due to negligence.


This can only be carried out with a comprehensive and integrated approach to cybersecurity defense with a trusted technology partner. Deploying security controls integrated by a single vendor can help streamline operations and make detecting and mitigating threats easier.


However, chief information officers and other C-suite leaders often need help in determining strategies to mitigate breaches and shorten their impact and duration. Here are several principles to give organizations the best chance to effectively weather attacks.


5 ways to create greater resilience to a cyberattack


1. Mind APIs

Understanding all organizational APIs and their risk exposure is crucial for resilience against cyberattacks. APIs serve as gateways for data exchange between systems and external parties, making them potential targets for cybercriminals who seek entry into sensitive networks.


Effective API security must move beyond traditional API discovery to locate API endpoints that are authenticated but still exploitable as part of API sprawl. Understanding the risk exposure covered by APIs allows for proactive threat assessment and the identification of weak points.


This leads to the implementation of appropriate mitigating strategies, which bolsters the financial institution’s cyber resilience, minimizes the attack surface, and decreases the risk of data theft and business disruption.


2. Target the OWASP Top 10 API Security Risks

Prioritizing and ensuring controls that cover the Open Web Application Security Project (OWASP) Top 10 API Security Risks (2023 edition) is a good place to start when your goal is to find and eliminate API vulnerabilities.


Financial institutions can allocate their resources effectively to address the most significant threats by focusing on these key vulnerabilities, reducing the attack surface and potential impact of successful breaches. Implementing these robust controls enhances the overall security posture of web applications, minimizes the likelihood of successful cyberattacks, and fosters a proactive security approach that strengthens the organization’s ability to withstand and recover from potential attacks that could otherwise do heavy damage.


3. Implement always-on distributed denial-of-service (DDoS) protection across the entire attack surface

This important barrier is crucial because such attacks present a considerable risk to the availability and performance of online services. Comprehensive protection across the entire attack surface helps safeguard against potential service disruptions, data breaches, and financial losses, which will bolster the organization’s ability to maintain business continuity, protect customer trust, and effectively respond to cyberthreats.


4. Actively participate in threat intelligence sharing

Join the Financial Services Information Sharing and Analysis Center (FS-ISAC) for access to critical intelligence that will help you stay ahead of threats. Participating in threat intelligence sharing enhances situational awareness and broadens the understanding of the overall cybersecurity landscape. Financial institutions gain insights into industry-specific threats, enabling them to anticipate and prepare for potential risks that may impact their operations and customers.


5. Maintain runbooks and playbooks

Maintaining up-to-date runbooks, conducting tabletop exercises, having playbooks for various zero-day scenarios, and keeping the security operations center playbook updated and accessible are all vital for resilience against cyberattacks. Runbooks provide clear, standardized procedures to respond to incidents promptly and effectively. Tabletop exercises simulate real-world scenarios, allowing teams to practice their response strategies and identify areas for improvement.


Get started today

The threat landscape is continuously changing, and cyberattacks can occur at any moment. Delaying implementation of security measures leaves organizations vulnerable to potential breaches, data theft, and service disruptions.


Building cybersecurity resilience takes time. The earlier companies begin, the more time they have to strengthen their security posture, educate their employees, and implement proactive measures to detect, prevent, and respond to cyberthreats effectively. So, get started today and put in the due diligence to mitigate future challenges.



コメント


bottom of page