
08 Mar 2024
The Crucial Role of Cybersecurity Management in 2024

As we reflect on the challenges of 2023 and the growing reliance on cloud providers in the financial industry, it is clear that cybersecurity management is more important than ever. With the increasing threat of cyberattacks and the need to protect customer information and financial transactions, community financial institutions must prioritize cybersecurity to ensure the safety and trust of their customers.

In our recent webinar, our IT and Information Security experts discussed cybersecurity management with areas of emphasis on the importance of understanding third-party risk management, the new version of the Conference of State Bank Supervisors (CSBS) Ransomware Self-Assessment Tool (RSAT 2.0), and lessons learned from exams and audits in 2023. This post explores some of the key highlights.

NIST Framework and the Arrival of CSF 2.0

The National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) is a valuable resource for organizations to manage and reduce cybersecurity risk. This framework continuously integrates lessons learned and best practices while retaining its core functions: Identify, Protect, Detect, Respond, and Recover. The recently updated CSF 2.0 includes the introduction of a sixth function, ‘Govern,’ underscoring the importance of clear role definitions, policies, and risk prioritization procedures within cybersecurity programs. It also provides improved guidance on implementation, ensuring that organizations are equipped to address the latest cybersecurity challenges.

Critical Third-party Relationship Management

Third-party risk management is crucial as financial institutions are increasingly relying on third and fourth parties. Interagency guidance underscores the importance of understanding the impact and interaction levels of these relationships on operations and customers. Financial institutions are encouraged to establish sound methodologies for comprehensive oversight of the activities surrounding third parties. This includes a thorough understanding of third-party business processes and systems as well as an understanding of the risks and benefits before contract execution. As financial institutions move forward with third-party relationships, they must also exert pressure on their service providers to ensure adherence to strong cybersecurity standards to effectively safeguard the interests of the financial institution and ultimately its customers.

Importance of the Ransomware Self-Assessment Tool (RSAT 2.0)

The Ransomware Self-Assessment Tool (RSAT) version 2.0 represents a significant step forward in helping financial institutions fortify their defenses against ransomware attacks. The latest version was developed by integrating feedback from institutions that have been impacted by ransomware, ensuring that the tool remains relevant and effective as this type of malware continues to evolve. With a focus on cloud-based service providers, RSAT 2.0 emphasizes the importance of understanding the flow of data, particularly in environments outside the U.S., and how it is subject to various privacy regulations such as GDPR. Furthermore, RSAT 2.0 places increased emphasis on multifactor authentication (MFA) and employee cyber-awareness, reflecting the industry’s recognition of the critical role these factors play in strengthening cybersecurity postures.

Key Lessons Learned from Exams and Audits

A few of the biggest areas of scrutiny that we’re seeing from recent IT exams and audits include:

  • Asset Management – paying attention to asset lifecycles and end-of-life risks as well as implementing robust authentication methods that govern customers who are logging into electronic banking applications
  • Change Management – establishing baseline standards and auditable procedures for change requests and appropriate reporting for project management and cost overruns
  • Data Recovery – periodically rotating through your critical servers and restoring data so that you can ensure the effectiveness, integrity, and availability of that data
  • Increased Incident Response Testing and Training – conducting testing as frequently as possible over different threat scenarios, documenting those tests, and training the employees who are going to be involved in the actual response

For more lessons learned and emerging trends, watch the full webinar recording.

Community banks and credit unions must prioritize cybersecurity management to protect customer information and maintain operational resilience. Enhanced cybersecurity strategies are imperative, urging institutions to adopt a multidimensional approach that incorporates people, processes, and technologies. Regular assessments, third-party risk management, and adherence to cybersecurity frameworks contribute to a proactive defense against cyber threats.

If you have any questions or want to learn more about our complimentary information security review, please visit safesystems.com/review.

18 Jan 2024
Our Top Blog Posts of 2023

As we begin the new year, it’s a great time to revisit some of the most popular blogs we published in 2023. Our top blogs from last year covered a range of topics, including a cybersecurity outlook, updated third-party risk management guidelines, using conditional access policies (CAPs) and multifactor authentication (MFA) to enhance security within Microsoft Azure Active Directory (AD), and NetConnect 2023. If you didn’t have a chance to read these posts—or simply want to review them—here is a recap of each of them. They offer unique perspectives, best practices, and a wealth of insights that can help your financial institution prepare for greater success in the year ahead.

2023 Cybersecurity Outlook for Community Banks and Credit Unions

Safe Systems’ 2023 Cybersecurity Outlook for Community Banks and Credit Unions revealed valuable peer-to-peer insights that can help financial institutions enhance their security posture. The survey highlights cyber preparedness and budget constraints as the top security challenges for more than 50% of the 160 participating financial institutions. It also shared participants’ feedback on other important areas, including prevention and detection security layers; employee security awareness training and testing; and advanced firewall features. For instance, respondents use multiple layers of security, but less than 50% of them combine every security layer listed in the survey. Survey respondents also use a variety of security training, including resource-intensive individual instruction. In addition, most of the survey participants are taking advantage of advanced firewall features, although only 24% of 135 respondents leverage sandboxing technology to detect threats. Read more.

Updated Regulatory Guidelines on Third-Party Risk Management

In June, federal bank regulatory agencies issued updated guidelines to make it easier for financial institutions to manage third-party risks. This new guidance from the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation (FDIC), and Office of the Comptroller of the Currency (OCC) impacts all banking institutions that use third parties. The majority of statements in the new guidance focus on the planning, due diligence, and contract phases with an emphasis on pre-engagement. Since auditors and examiners will be looking more closely at what happens during the pre-engagement stage, institutions need to place more emphasis on scrutinizing potential third parties. Not all statements in the guidance will apply to all institutions or relationships, so we have developed an interactive checklist designed to walk you through key regulatory requirements of the third-party relationship life cycle. Read more.

Using CAPs and MFA to Enhance Security within Microsoft Azure AD

There was a surge in successful phishing campaigns last year, including sophisticated schemes that were able to bypass MFA. Phishing that bypasses MFA is a significant threat since this type of attack could impact a vast segment of organizations that rely on Microsoft Azure AD (now known as Microsoft Entra ID) and Microsoft M365 services to support their operations. However, financial institutions can use a variety of measures to prevent cyberattacks, including Conditional Access Policies (CAPs). CAPs, which are foundational to safeguarding identities within Microsoft Entra ID, protect the initial step of the identification chain: the sign-in attempt. To maximize protection, institutions should stack multiple CAPs, such as requiring MFA, denying sign-ins from outside of the USA, and requiring device compliance. When designing CAP logic, they should scope each CAP broadly so that it covers as many users, applications, and client types as possible. Institutions can take a multi-layered approach to optimizing security by leveraging multiple security tactics, technologies, and resources. Read more.
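The three stacked policies the recap describes (require MFA, block sign-ins from outside the US, require a compliant device), as an added PowerShell example that is not part of the original post or Safe Systems’ own tooling. It assumes the Microsoft Graph PowerShell SDK, a session holding the Conditional Access Administrator role, and a placeholder break-glass group object ID that every policy excludes.

```powershell
# Added example: stacked Conditional Access policies via Microsoft Graph PowerShell.
# Assumes the Microsoft.Graph module is installed and the signed-in account may
# write Conditional Access policy.
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess","Policy.Read.All"

# Placeholder: object ID of the emergency-access (break-glass) group. Every
# policy excludes it so a mis-scoped rule cannot lock administrators out.
$breakGlassGroupId = "<BREAK-GLASS-GROUP-OBJECT-ID>"

# Named location listing the only country sign-ins may originate from.
$usOnly = New-MgIdentityConditionalAccessNamedLocation -BodyParameter @{
    "@odata.type"                     = "#microsoft.graph.countryNamedLocation"
    displayName                       = "United States only"
    countriesAndRegions               = @("US")
    includeUnknownCountriesAndRegions = $false
}

# Broad scope, as the recap recommends: all users except break-glass,
# all cloud apps, all client app types.
$scope = @{
    users          = @{ includeUsers = @("All"); excludeGroups = @($breakGlassGroupId) }
    applications   = @{ includeApplications = @("All") }
    clientAppTypes = @("all")
}

$policies = @(
    @{  displayName   = "CA01 - Require MFA for all users"
        conditions    = $scope
        grantControls = @{ operator = "OR"; builtInControls = @("mfa") } },
    @{  displayName   = "CA02 - Block sign-ins from outside the US"
        conditions    = $scope + @{ locations = @{ includeLocations = @("All")
                                                   excludeLocations = @($usOnly.Id) } }
        grantControls = @{ operator = "OR"; builtInControls = @("block") } },
    @{  displayName   = "CA03 - Require a compliant device"
        conditions    = $scope
        grantControls = @{ operator = "OR"; builtInControls = @("compliantDevice") } }
)

foreach ($p in $policies) {
    # Report-only first: the sign-in log records what each policy would have
    # done, so the impact is reviewed before the state is changed to "enabled".
    $p.state = "enabledForReportingButNotEnforced"
    New-MgIdentityConditionalAccessPolicy -BodyParameter $p | Select-Object DisplayName, State
}
```

Because the three policies evaluate independently, a sign-in must satisfy all of them; review the report-only results in the Entra sign-in logs before switching each policy to enforced.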

NetConnect 2023—A Glimpse into the Future of Technology and Compliance

The 2023 NetConnect Customer User Conference brought Safe Systems’ customers, employees, and partners together in Alpharetta, Ga. to discuss banking industry trends, challenges, and innovations. NetConnect 2023 provided valuable insights into banking and technology’s vital role in shaping the industry’s future. With multiple informative sessions, the conference covered the significance of hope in business, changes relating to regulatory compliance, vulnerability management, and Microsoft Azure fundamentals. Read more.
