Fintech Today
  • About
  • Banking
  • Insurance
  • Resources
    • COVID-19
Subscribe
No Result
View All Result
  • Digital Transformation
  • Customer Experience
  • Cybersecurity & Risk
  • Regulation & Compliance
  • Claims Management
Fintech Today
  • Digital Transformation
  • Customer Experience
  • Cybersecurity & Risk
  • Regulation & Compliance
  • Claims Management
No Result
View All Result
Fintech Today
No Result
View All Result
Home Banking

Response is Everything When it Comes to Data Breaches

by Mark Katz
October 31, 2017
in Banking
Reading Time: 4 mins read
A A
Share on FacebookShare on Twitter

National Cyber Security Awareness MonthNothing instills fear into C-level executives and boards like data breaches. Equifax is the most recent example, pointing to assorted vulnerabilities either on the “human component” or on the infrastructure side. The sobering news is, regardless of what the level of security measures a firm has in place, there will ultimately be a breach. I don’t mean to be a “Debbie Downer” here, but response is everything.

JPMorgan, Sony, Home Depot, and Target have all unfortunately been on the receiving end with real fallout.  One consequence, of course, is that CIOs and CISOs lose their jobs, with the firms left hoping  that the next C-level can protect it. Groundhog Day. On the surface, that at least mitigates further headline risk. However, with data security, there are too many variables, and too much can go wrong despite the best planning efforts of any CISO or CIO. Firms can be confronted with their prized data assets being breached, or worse, subtly manipulated.  And the challenge is that some of these attacks lie in wait on the host for months, making those almost “undetectable” changes to the data. Try doing Machine Learning, AI, or predictive analytics when the data has been “slightly manipulated.” Finally, the resulting headlines can affect a firm’s reputation, which erodes trust, ultimately affecting share price.

There is both a dollar and concomitant reputational risk associated with data breaches. The total annual cost is roughly $80 billion to all organizations globally. And according to IDC, the worldwide spend on cybersecurity will reach $100 Billion by 2020. Organizations are trying to figure out a great way to deploy those assets, but most of the efforts are on network security, and not data security. The dollars are deployed the wrong way. This is where it is worthwhile to employ an outside security firm to:

  1. Assess the organization’s overall risk
  2. Work with an outside firm/vendor to develop a strategy for each security component
  3. Eventually develop a rapid response to breach
  4. Develop a strategy for continuous improvement

Firms are scrambling for tighter controls, better tools, and maybe some Hail Mary’s. These approaches are necessary, but not sufficient (except for the Hail Mary’s, that can sometimes work). Do firewalls save the day?  Can bespoke security rules for each platform or application, with developers embedding their own security measures, keep the wolves at bay? The resounding answer is no. Firms need to be prepared with robust response plans in addition to best practices around security measures. Response readiness greatly mitigates overall risk, and can bring a firm back to operational robustness in less time.   Response plans have a lot in common with BCDR plans, in that there has to be tight integration and understanding of risk with the business. In fact, the response plan should be tied into the BCDR plans if done correctly (get breached, what are your Recovery Time and Recovery Point Objectives?)

Response plans don’t work in isolation. There are other steps that are a necessary part of the process including Security Governance, Data Loss Preventions, BCDR (data backup with RTO and RPO objectives), Training the Human (big lift), Policies and Procedures that are fully vetted and understood within the organization, and Software and Hardware Hygiene (software and firmware updates as recommended).

Since breaches will happen, the response plan does indeed need to be robust with as many scenarios considered as possible. And those scenarios and responses need to be communicated and understood by the C-levels and the board. Like the Boy Scouts urge, always be prepared.

 

 

Tags: CIOcybersecuritydata breachdata securityEquifaxMark Katz

RELATED POSTS

cybersecurity action plan
Banking

An Action Plan for Financial Services Institutions to Address Ransomware

June 16, 2022
Helping Health Insurers
Cybersecurity & Risk

Helping Health Insurers Defend Against Cyberattacks

October 26, 2021
Helping Health Insurers Defend Against Cyberattacks
Transforming Payments and Communications

Helping Health Insurers Defend Against Cyberattacks

October 21, 2021

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

TRENDING NOW

  • Managing Loans as Part of the Paycheck Protection Program is Made Easier with Upgraded Digital Solutions

    Managing Loans as Part of the Paycheck Protection Program is Made Easier with Upgraded Digital Solutions

    512 shares
    Share 205 Tweet 128
  • Location Intelligence a New Tool for Wildfire Assessments

    523 shares
    Share 209 Tweet 131
  • The Business Benefits of Improving Data Quality for Financial Services

    592 shares
    Share 237 Tweet 148
  • Are Banking Virtual Assistants Safe?

    508 shares
    Share 203 Tweet 127
  • Artificial Intelligence Helps Combat Fraud, Waste, and Abuse and Protects $5 Trillion in Pandemic Relief Funding

    495 shares
    Share 198 Tweet 124

CONNECT WITH US

Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad

BECOME AN INSIDER

Get Financial Technology Today news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Future Healthcare Today
Government Technology Insider
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Financial Technology Today offers content and advertising sponsorships to leading technology solution and service providers. Interested in becoming a sponsor? Contact us!

© 2021 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About
  • Banking
  • Insurance
  • Categories
    • Digital Transformation
    • Customer Experience
    • Cybersecurity & Risk
    • Regulation & Compliance
    • Claims Management
  • Contact Us