How resilient are your cyber operations? CISOs are now expected to be able to confidently answer this question as there’s greater regulatory scrutiny in an environment with a slew of evolving threats – sophisticated cyber-attacks, nation-state sponsored espionage and increased digital fraud. The Financial Conduct Authority (FCA) and Prudential Regulatory Authority (PRA) have both issued guidance and plans to ensure financial services firms make operational resilience a priority.
The convergence of operational and cyber resilience remains a critical area to ensure stability and continuity. However, for CISOs, getting this right means dealing with a range of challenges.
To address them, let’s have a look at some key areas to focus on:
1) Optimising existing investments
This is about revisiting your existing cyber security programme to get the most value out of tooling and services you already have. This asks for detailed analysis of programme capabilities to identify savings, efficiencies, and re-investment opportunities. What complicates this is the need to continuously invest in capabilities to remain ahead of threat actors.
2) Understanding the estate
Are you able to identify all information technology assets – not just those relevant to critical services? In nearly all cases in FS organisations, important business services are comprised of complex IT infrastructure that may span diverse logical, physical, and geographic domains across cloud, on-premises, virtual, mobile, IoT and even operational technology (OT) assets. Having a clear view of the estate is critical.
3) Increasing automation
Free up resources by applying automation to repetitive activities. In the past, large teams of skilled analysts would perform tasks such as log analysis, vulnerability management and penetration testing. New technologies and machine learning can improve the mean time to detect and respond to incidents by filtering and directing teams to threats that require human action.
4) Enhancing supply chain security
A centralised view of the supply chain and the underlying data can help you quantify and rank risks and guide decisions. Such capability asks for moving away from point-in-time assessments to continuous monitoring of vendors and suppliers. This lets organisations respond to the changing landscape of vendors/supplier relationships, connectivity and cyber risks based on risks and threats.