3 proactive ways to help safeguard organization from cyberthreats

By Pavithra R

Ransomware attacks have hit almost every sector, from financial institutions to merchants. Real-world instances reveal the destructive effect a successful ransomware attack can have on businesses and consumers. Recent high-profile attacks prompted President Joe Biden to sign an executive order to improve cybersecurity and protect the federal government’s networks. The administration is also urging corporations and business leaders to take immediate steps to safeguard their organizations.

Protecting against ransomware and similar attacks should be a top priority for every FI. Fiserv, a leading global provider of financial services technology solutions, has outlined three proactive steps to help safeguard organizations from threats.

1. Understand ransomware entry points and your vulnerabilities

Risks and vulnerabilities come from various sources, but there are a few common ways organizations become more susceptible to cyberattacks. Most breaches involve phishing, exploitation of third-party weaknesses or the theft of login credentials. Although cybercriminals have employed those tactics for years, the volume has escalated along with our attack surfaces.

The rise of ransomware as a service makes it easier for criminals looking for one false step or unchecked vulnerability to attack an organization. Our foes are no longer individuals working on their own. They are criminal enterprises, businesses or nation-states with the sole purpose of stealing data to harm business for the betterment of their bottom line. Protection starts by putting the right solutions to detect, respond and remediate cyberattacks from all angles.

2. Know the preventive steps to take

Monitoring and managing systems 24/7 and mitigating threats in real-time are the key to staying ahead of cybercriminals. This is necessary as many threats come from outside an organization, monitor every aspect of what is coming into your network. Many organizations successfully use a combination of solutions to manage their detection and response and identify, prioritize and remediate threats posed by third parties.

Many FIs choose to enable two-factor authentication to combat phishing, such as requiring a password and then texting a code to the user for all business applications and email. That can help prevent attackers from logging in with employees’ stolen passwords.

Email protection software scans attachments and emails for malicious attachments and links. Endpoint security software installed on workstations and servers can block known virus signatures and is built to stop many malicious behaviors, including the encryption of files from ransomware.

Often criminals copy a company’s website, social media sites, and mobile applications to trick consumers into giving their personal data to a look-alike domain that allows threat actors to steal data. The ability to receive regular threat intelligence reports of look-alike domains, fraudulent mobile applications and spoofed websites enables organizations to act quickly to keep accountholder data more secure while protecting the brand from the negative implications of a cyber breach.

3. Build your incident-response plan

According to a study by the Ponemon Institute and sponsored by IBM Security, organizations with a plan in place to quickly respond to a data breach in less than 30 days will save, on average, more than $1 mn per incident.

No business continuity plan is useful unless it is enforced and routinely tested. Having a solid, tested, practiced plan will help keep things under control when disaster strikes. Make these plans familiar to all departments within the organization. Include a holistic inventory of all vital systems, how to use them, what to do if they are not available and the necessary steps to get them back to working order.

Also, read Cybersecurity in Financial Services Report 2021