What is cyber security within the finance industry?
Malware is malicious software that is downloaded onto a machine, often delivered by email through a link disguised as a software update or a fake web page intended to trick the user into opening it. It is designed to infect the user’s computer and manipulate how it functions; it may also spy on the user or destroy their data. Malware spreads very easily from computer to computer. Although firewalls can detect malware, people must also be educated to check potentially malicious links or attachments before clicking on them.
As the name suggests, a brute-force attack occurs when the attacker guesses a user’s system login details and, once the correct details are discovered, forces their way in. These attacks often use automated bots to guess credentials, as doing so by hand would be a time-consuming exercise.
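Automated credential guessing leaves a recognisable trace in authentication logs: many failures from one source in a short time, often across several accounts. The following is an added detection example, not code from the original article; the log line format, the five-failures-per-minute threshold and the sample lines are assumptions constructed for illustration.

```python
# Added example (not from the original article): flag automated credential
# guessing by counting failed logins per source address in a sliding window.
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

# Constructed sample log (assumed format): one source sprays five accounts in
# five seconds; a second source is a user mistyping twice over 25 minutes.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z login_failed user=alice src=203.0.113.7
2024-05-01T09:00:02Z login_failed user=bob src=203.0.113.7
2024-05-01T09:00:03Z login_failed user=carol src=203.0.113.7
2024-05-01T09:00:04Z login_failed user=dave src=203.0.113.7
2024-05-01T09:00:05Z login_failed user=erin src=203.0.113.7
2024-05-01T09:00:06Z login_ok user=erin src=203.0.113.7
2024-05-01T09:05:00Z login_failed user=alice src=198.51.100.2
2024-05-01T09:30:00Z login_failed user=alice src=198.51.100.2
"""

LINE_RE = re.compile(r"^(\S+) (login_failed|login_ok) user=(\S+) src=(\S+)$")

def parse_line(line):
    """Return (timestamp, event, user, src), or None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, event, user, src = m.groups()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), event, user, src

def find_bruteforce(log_text, threshold=5, window=timedelta(minutes=1)):
    """Map each source with >= threshold failures inside one window (log assumed
    chronological) to the sorted list of usernames it tried."""
    recent = defaultdict(deque)   # src -> timestamps of failures still in window
    users = defaultdict(set)      # src -> distinct usernames attempted
    flagged = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None or parsed[1] != "login_failed":
            continue
        ts, _, user, src = parsed
        q = recent[src]
        q.append(ts)
        users[src].add(user)
        while ts - q[0] > window:   # evict failures that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            flagged[src] = sorted(users[src])
    return flagged

if __name__ == "__main__":
    for src, tried in find_bruteforce(SAMPLE_LOG).items():
        print(f"brute force from {src}: {len(tried)} accounts tried {tried}")
```

The second source never trips the rule because its two failures are 25 minutes apart, which is why the window matters as much as the count; a later successful login from a flagged source is the event worth escalating.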
Web attacks usually exploit vulnerabilities in web-based applications, such as online banking. The user may be fooled by a fake web page, a pop-up, or a script that asks them to change their login details. Once the user has done so, the hacker obtains those details and logs in as if they were the user. In a banking application, they can then withdraw money and send it to another bank account.
Why is cybersecurity vital for a financial licensee or adviser?
Penalties of cyber breaches for your organisation
- Privacy Act (Cth)
- Crimes Act 1914 (Cth)
- Security of Critical Infrastructure Act 2018 (Cth)
- Criminal Code Act 1995 (Cth)
- Telecommunications (Interception and Access) Act 1979 (Cth)
- licensees can enforce cyber risk management controls and standards as a condition of authorisation to authorised representatives,
- cybersecurity exposure must be actively managed with the assistance of cyber experts,
- the financial penalties and legal costs arising from failure to adequately manage cyber risk exposure and breaches are significant,
- the strengthening of indemnities for potential losses arising as a result of cyber incidents, and
- the right to conduct external cyber security audits.
Steps and measures to enhance your cyber practices
- Risk & governance: well-constructed policies, procedures, and risk awareness across the licensee and AR network
- Intelligent & agile: timely threat identification, agile ability to adapt and respond through intelligent and critical decision-making
- Resilience & recovery: the ability to plan, anticipate, stand up to and recover from compromises with minimal disruption
- Third-Party Risk Management (TPRM) - A third-party risk management program will identify security vulnerabilities across all third-party cloud services to prevent supply chain attacks.
- Multi-Factor Authentication - An MFA policy will make it very difficult for threat actors to compromise privileged credentials.
- Firewall - A regularly updated firewall is capable of detecting and blocking malware injection attempts.
- Attack Surface Management - An attack surface management solution capable of detecting data leaks will significantly reduce the chances of a successful data breach, both internally and throughout the vendor network.
- Learn TTPs (Tactics, Techniques & Procedures) - Threat actors often reuse attack strategies because similar vulnerabilities exist across the industry.
- Have clear contractual terms, policies & governance between Licensee and ARs across information security, data storage, cybersecurity, fraud procedures, password policies, and privacy,
- Employ credible third-party cybersecurity expertise to conduct regular reviews and audits on governance, policies, and systems, as well as consult on breaches,
- Deploy endpoint device protection across staff,
- Ensure computer systems have up-to-date antivirus software installed and operating,
- Engage the appropriate level of cybersecurity, IT and data management insurance and indemnity cover across the group,
- Use firewalls for emails and backup systems,
- Update password practices (e.g. stop passwords being shared between staff and stop the use of default passwords),
- Deploy cyber training and professional development across the AR network,
- Use incident reporting where cyber incidents are notified and escalated,
- Password-protect client documents containing personal information sent via email,
- Utilise MFA/2FA on all software systems,
- Ensure your AdviceTech covers cybersecurity with adequate governance, policies & indemnities,
- Use a client portal with 2FA/MFA to interact with clients instead of plain email (adds a layer of security over email), and
- Ensure all staff are trained adequately on cyber risks (e.g. social engineering).