We had a CISO community webinar on "Exposure Management For Financial Institutions To Overcome Resource Limitations And Regulatory Reporting". We discussed how to overcome resource limitations and the manual burden of regulatory reporting, and how exposure management can help your institution navigate the ever-increasing regulatory burden.
- How to Overcome Resource Limitations: automate and lighten your workload by providing continuous programmatic assurance
- Discover, Prioritize & Proactively Reduce Cyber Risk: Discover your attack surface risks & prioritize the most important ones to help mitigate the risks faster
- Security Posture Reports to Meet Regulatory Requirements: How to continually assess and provide automated reports on your security posture to meet regulatory requirements
- Bikash Barai, Co-Founder & CEO, CISO Platform & FireCompass
- Dave Lawy, Co-founder, QuantumSmart, and Senior Technology Executive
- Nasheen Liu, Partner & SVP, CIO Program Strategy
1. In both the USA and Canada, regulators are stepping up their level of sophistication and demanding a higher level of cyber security maturity from Financial Institutions. Any comments?
- What are some of the ways Financial Institutions provide continuous assurance of their cyber posture?
Context: Good process is always important; however, automation is the key to being successful in any space. Automated cyber tooling will help set the company up for success.
- What is a general trend of interactions observed by regulators with industry on cyber?
Context: Better processes, less tolerance for poor hygiene, better questions, and a maturity matrix
2. Is Cyber Insurance important, and how does it best serve the organization?
- The price of insurance is increasing significantly year on year; the retention (deductible) is increasing, while exclusions and/or endorsements are reducing the risk carried by the insurance carrier. Mitigating controls are more and more necessary.
3. How can FIs (Financial Institutions) best demonstrate that they adhere to security standards and compliance frameworks such as PCI DSS or SOC 2, and how are these standards maintained and updated?
- Standards require regular maintenance, adherence to a process, and the provision of evidence. The more that can be automated, the better the evidence that the organization adheres to such standards: better consistency and repeatable, predictable output.
- As environments grow more complex, adhering to increasingly stringent standards and frameworks becomes harder. It is important to have systems and applications designed, built, and delivered leveraging automation. DevSecOps is a somewhat newer term, but the practice has been around for some time in different forms. Ultimately, security has to be built into the design. The system's state must be controlled programmatically, which allows proactive and reactive security changes to be made efficiently and in a scalable manner.
4. What is External Attack Surface Management (EASM) and why is it important?
- Failure to conduct extensive attacker-like reconnaissance frequently leaves low-hanging fruit that is easily exploited by cybercriminals. And because attack surfaces are dynamic, you will want continuous attack surface mapping and security testing, especially on assets residing in "Shadow IT" for your organization and its third parties.
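The continuous mapping described above boils down to a defender-side question: what is reachable today that was not reachable yesterday, and does anyone own it? The following Python script is an added example (not code from the webinar, CISO Platform or FireCompass) that diffs two scan snapshots against an asset inventory and flags unowned ("Shadow IT") hosts and newly exposed services. All hostnames, owners and scan lines are constructed sample data, and the CSV-style snapshot format is an assumption for illustration.

```python
"""Continuous attack-surface mapping as an inventory diff.

Added example with constructed data; not the webinar's or any vendor's code.
Two external scan snapshots (assumed "host,port,service" lines) are compared
against a CMDB-style owner map, and findings are ranked for remediation.
"""
from dataclasses import dataclass, field

# Constructed sample: assets the organisation knows about (hypothetical CMDB export)
KNOWN_ASSETS = {
    "www.example.test": "web-team",
    "api.example.test": "platform-team",
    "vpn.example.test": "network-team",
}

# Constructed scan snapshots (yesterday vs. today), "host,port,service" per line
SNAPSHOT_PREV = """\
www.example.test,443,https
api.example.test,443,https
vpn.example.test,443,https
"""

SNAPSHOT_CUR = """\
www.example.test,443,https
api.example.test,443,https
api.example.test,8080,http-alt
vpn.example.test,443,https
staging-db.example.test,5432,postgresql
"""


def parse_snapshot(text):
    """Return {host: {(port, service), ...}} from CSV-style scan lines."""
    exposure = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, port, service = (f.strip() for f in line.split(","))
        exposure.setdefault(host, set()).add((int(port), service))
    return exposure


@dataclass
class SurfaceDelta:
    new_hosts: list = field(default_factory=list)
    removed_hosts: list = field(default_factory=list)
    new_ports: list = field(default_factory=list)   # (host, port, service) on hosts seen before
    shadow_it: list = field(default_factory=list)   # reachable hosts with no recorded owner


def diff_surface(prev, cur, known_assets):
    """Compare two snapshots and identify new hosts, lost hosts, new services and unowned hosts."""
    delta = SurfaceDelta()
    delta.new_hosts = sorted(set(cur) - set(prev))
    delta.removed_hosts = sorted(set(prev) - set(cur))
    for host, ports in cur.items():
        if host not in prev:
            continue  # brand-new hosts are reported via new_hosts / shadow_it instead
        for port, service in sorted(ports - prev[host]):
            delta.new_ports.append((host, port, service))
    delta.shadow_it = sorted(h for h in cur if h not in known_assets)
    return delta


def prioritise(delta, known_assets):
    """Rank findings: unowned hosts first, then new services on known hosts, then lost hosts."""
    findings = []
    for host in delta.shadow_it:
        findings.append((1, f"unowned host exposed: {host}"))
    for host, port, service in delta.new_ports:
        owner = known_assets.get(host, "unknown")
        findings.append((2, f"new service on {host}: {port}/{service} (owner {owner})"))
    for host in delta.removed_hosts:
        findings.append((3, f"host no longer reachable: {host}"))
    return [msg for _, msg in sorted(findings)]


def run_report():
    """Produce today's prioritised exposure report from the constructed snapshots."""
    delta = diff_surface(parse_snapshot(SNAPSHOT_PREV), parse_snapshot(SNAPSHOT_CUR), KNOWN_ASSETS)
    return prioritise(delta, KNOWN_ASSETS)


if __name__ == "__main__":
    for line in run_report():
        print(line)
```

Run daily against real snapshots, the "unowned host" line is the one that matters most for the Shadow IT problem the panel raises: a host nobody claims has no one to patch it, so it is routed to a triage queue before any new service on an owned host.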
5. What are some of the trends being seen regarding cyber people resources, and how are companies coping with the ever-increasing demand on cyber resources as the threat landscape grows?
- A war for talent, shortage of staff, constraints on budget, increasing demand to protect and defend, more sophisticated attack vectors, and a shortage of CISO thought leadership.
6. Financial Institutions must adhere to standards and practices. How can Financial Institutions perform expensive security exercises to protect and defend with a security team that has a long list of priorities, along with a shortage of staff and time?
- FireCompass CART - Our CART platform gives you multi-stage attack playbooks to mimic a real attacker and accurately pinpoint prioritized vulnerabilities that would be targeted first. CART delivers shorter mean time to remediation (MTTR) and increased depth and breadth of coverage so you can focus on your mission of keeping attackers out and keeping IT/OT services running smoothly and securely.
Gartner says “Nation-state actors and criminal organizations operate with a level of sophistication that surpasses the preventative and detection capabilities of most security and risk management teams.”
7. How about leveraging SaaS security solutions and automation to augment the security team?
- Having such tooling, with repeatable, predictable output and evidence of processes, not only helps with regulators but can also be a powerful tool for Third Party Risk Management. If your customer or vendor is using automation, there is a clear audit trail and a known, standardized process in place; this helps in audits both as a customer and as a vendor. Third-party risk management: Financial institutions must ensure that third-party vendors and partners who have access to their systems and data are appropriately vetted and managed for cybersecurity risks.
8. What is cyber risk, and how can today's FI best manage risk?
- FireCompass is a SaaS platform for Continuous Automated Red Teaming (CART) and External Attack Surface Management (EASM) that acts as an integral part of a good exposure management program.
- Single Platform for Attack Surface Management and Automated Penetration Testing & Red Team
- Daily Risk Port Scanning & Adversary Emulation through multiple Attack Playbooks
- Prioritized Risks with real-time alerts for faster detection and remediation
- Understand your holistic technology landscape: all your assets, logical and physical; your level of maturity measured against regulatory standards; your exposures; your processes to mitigate; your tooling and systems to mitigate; and your organization and culture.