The connected nature of the financial services industry and its rapid pace of technology adoption make banks particularly susceptible to converged threats—where events that originate in either the cyber or physical domain have an impact in the other—requiring them to rethink their approach to security.
A distributed denial of service (DDoS) attack brings down a bank’s infrastructure and renders services inaccessible to customers. An extreme weather event causes power outages and forces the closure of local branches. Hackers take control of a bank’s building management system and lock out (or lock up) personnel.
These are all examples of cyber-physical convergence—where events that originate in either the cyber or physical domain have an impact in the other. They’re becoming more common as the world becomes more digital.
In the past, cyber and physical events were typically unrelated. But that’s no longer the case. As the U.S. government’s working group on cyber-physical resilience puts it: “the digitization of all aspects of society has made us all dependent on complex and often fragile cyber-physical systems that can easily break down or suffer from cyber-attacks, software glitches, supply chain problems, mechanical failures, natural disasters, or other disruptions.”
The connected nature of the financial services industry, its rapid pace of technology adoption and initiatives, such as open banking, make banks particularly susceptible to converged threats. Attacks in one part of the system or against a third-party partner can have ripple effects across institutions.
These interconnections radically increase the attack surface and give threat actors more opportunities to exploit weaknesses and vulnerabilities across both the physical and digital worlds. With 63% of financial institutions experiencing an increase in disruptive cyber attacks, there is good reason to be concerned.
The growing convergence of threats means that banks must now rethink their security approaches.
Manage risk in multiple domains
More and more institutions are recognizing the damaging impacts of cyber-physical threats on their people, customers, assets and operations. As such, many are now taking steps to ensure tighter alignment between their cyber and physical security teams.
Approaches vary. Some are merging cyber and physical security teams into a single, unified function. Others, while keeping teams separate, are putting in place programs and policies to ensure more effective collaboration and communication between the teams.
For example, Bank of America’s cyber and physical security teams now sit alongside one another in the same watch center and utilize integrated intelligence processes to protect individual assets.
As Craig Froelich, CISO at Bank of America puts it, “There is no distinction between whether we think of something as a physical or cyber risk. It’s a fully blended model where everyone works in tandem to manage enterprise risk.”
Watch On-demand Webinar: Cyber-physical Converged Threats and Trends in the Financial Services Industry
The scale of the challenge
Cyber crime is a major cause for concern. However, according to a recent Dataminr- commissioned Economist Impact report, other events can be equally catastrophic to banking operations. These include the possibility of natural disasters or other physical risks destroying the physical space where businesses’ cloud servers and networking equipment are located.
The report also highlights that respondents believe organizations should prioritize the identification of physical security risks that impact digital assets as part of their digital asset management strategy. Teams
will therefore also be tracking thematic unusual social media activities, evolving organized crime activities, wider geopolitical events and more.
Download Report: Building Business Value in the Financial Services Industry
Pinpointing potential threat events can be a major challenge. Without the right tools,
the sheer volume of information from the myriad of data sources makes threat detection a time-consuming activity. It’s also incredibly difficult to cut through the false positives and determine which are most relevant or imminent.
It’s much more effective to leverage AI-powered solutions such as Dataminr Pulse for Cyber Risk. Pulse for Cyber Risk makes it considerably easier to cut through this data deluge and gain real-time actionable intelligence on a broad range of cyber risks—everything from cyber- physical risk and vulnerability prioritization to external attack intelligence and digital risk. Security teams are alerted immediately—often within seconds or minutes of an occurrence— and able to take swift and well-informed action.
While the convergence of cyber and physical threats is not new, it is most definitely increasing in frequency, impact and scope. By implementing real-time alerting tools into their security operations, banks can react faster to potential threats and better mitigate the impacts to its customers, operations and assets.
Learn more about how Dataminr Pulse for Cyber Risk helps banks better prepare for and manage cyber-physical threats.