Search

Enhancing Traditional Approaches to Manage Cyber Security Risks

Mark J. Morrison
October 24, 2019
By Mark J. Morrison ,Chief Security Officer

At the July World Federation of Exchanges Technology Summit in Umea, Sweden, there was a lively cyber security panel discussion covering the challenges associated with implementing new and emerging technologies in the financial sector. The panel, consisting of senior security representatives from the National Stock Exchange of India, the SIX Group Services, and OCC explored how the implementation of technologies like Blockchain, Distributed Ledger, Artificial Intelligence, Machine Learning, and Public Cloud requires financial institutions to enhance traditional approaches for protecting information systems and data to address the operational, regulatory, and security risks introduced.

Blockchain and Cyber Security

While it is commonly acknowledged the adoption of Blockchain will improve overall financial transaction security through the ubiquitous deployment of advanced data encryption and multi-factor authentication, significant cyber security risks remain that must be remediated. Blockchain is essentially a highly secure application to facilitate the exchange of financial transactions across multiple participants, but most institutions will execute this application on insecure hardware running insecure operating systems and hypervisors. It has been well documented that advanced cyber adversaries, including cyber-criminal elements and nation states, have initiated successful attacks targeting security vulnerabilities within the system hardware and firmware. These attacks could provide the cyber adversary with access to sensitive information and allow for the unauthorized manipulation of financial transaction data while in an unencrypted state. The cyber adversary also could exploit these security vulnerabilities to execute a denial of service attack.

The Use of AI and Machine Learning

Many financial institutions are applying commercially available artificial intelligence and machine learning techniques to assist with quickly identifying and responding to cyber attacks impacting critical business operations, breaching corporate information systems or resulting in an unauthorized disclosure of sensitive information. By adopting machine learning in cyber defense, a financial institution can collect, synthesize and analyze large amounts of systems data looking for patterns of anomalous behavior associated with more advanced cyber attacks. Several cyber security companies have developed artificial intelligence-based product lines to automate the necessary remediation responses to detected cyber attacks through the development of comprehensive security incident response and business continuity playbooks. As the sophistication of cyber adversaries increases, financial institutions must adopt new technologies and processes to detect and respond to a wide variety of cyber-based attacks.

Migrating Functionality to the Cloud

Another emerging technology discussed in depth by the panel was the security implications for financial institutions planning to migrate business operations and functionality to public and/or private cloud instances. The panel members identified several areas for financial institutions to consider when adopting cloud technology, including the importance of defining your cloud architecture (Infrastructure as a Service, Software as a Service) so you will implement the appropriate security controls. Other factors to consider include developing an understanding of where applications will execute and how data will be processed and stored; defining user identity and access management controls; logging and review of system activity; securing containers within virtual private cloud instances; and establishing communications with financial regulators so they can achieve understanding of the cloud security strategy.

To learn more about OCC's thought leadership on industry issues, visit OCC's Blog.