From Detection to Defense: Evolving Risk Management Amid Rising Cybercrime
The cyber threat landscape continues to evolve rapidly. The year has not ended yet but we have witnessed an increasing number of existing and new threats amidst a changing regulatory landscape. This is forcing global firms, especially in financial services to enhance risk management efforts, ensuring a robust security matrix is now part of a company’s DNA.
A 2024 IBM report found that the global average cost of a data breach is US $4.88M, a 10% increase over last year and the highest total ever. These costs will only continue to rise as cybercrime continues to grow.
The World Economic Forum’s assessment of cybercrime shows that the overall rate of detection and prosecution can be as low as just 0.05%, forcing nearly every industry to embrace new solutions and act quickly to future-proof their systems and security frameworks.
What a Robust Framework Looks Like
Building and maintaining a robust risk management framework is a constantly evolving process. After six years of work at Standard Chartered, we have deployed a more sophisticated approach to managing cyber threats.
From a financial services firm’s point of view, an appropriate and robust risk management system is not overly scientific but rather is about mitigating the threat scenarios through an overarching macro view of the world. We have separated this into three main buckets – the loss of data, loss of funds, the loss of services, or all of the above. This is done through a unified approach across the firm, where we look at not only cybersecurity but also physical security and financial crime activity through a holistic lens that utilises advanced analytics and artificial intelligence to capture the current telemetry.
Artificial intelligence (AI), whilst posing its own threat regime is assisting firms in bolstering security systems in leaps and bounds. The use of machine learning technology means that firms can use more sophisticated detection tools and understand impending threats at a greater speed and scale that could not have been achieved before the current suite of automation tools existed. However, AI can also be leveraged across various threat actors, including the creation of more convincing deep fakes and increasingly targeted phishing attempts aimed at individuals. This highlights the importance of a robust security framework that encompasses the full network of employees, not just IT professionals, ensuring a holistic approach to defense.
Assessing Third-Party Threats
As part of Standard Chartered’s current assessment of the threat landscape level, we have seen a double-digit rise in the number of threats coming from third parties, such as external vendors.
Threat actors are increasingly looking to maximise the impact of their actions. Instead of targeting one organisation, they will target multiple organisations by infiltrating tools that are used across corporate ecosystems such as file-sharing or application programming interface (API) services. This results in third-party interactions requiring extra due diligence and considerations as TAs use third parties as a conduit to access other firms. The software supply chain has increasingly become a prime target for cyber attackers – since 2019, such attacks have surged by an average yearly increase of 742 per cent.
Bolstering our assessment of third parties we work closely with is increasingly paramount as firms report rising threats from this source. Teams of internal security experts are increasing simulations that focus on this evolving threat and improving lines of communication with third parties. This is so that the latter is more aware of their security responsibilities and that complying with basic security criteria when interacting with the Bank is not only required but mandatory.
Threats from initial access brokers, who obtain data and on-sell that to other threat actors, along with an escalation in ransomware attacks, also continue to dominate the imminent threat landscape. We are working to build security by default and ensure that all our tech is secure by design as part of bolstering risk management systems.
Constantly Evolving Your Framework
Deploying a successful risk management system is a constantly evolving process. We are moving away from monolithic structures and focusing on advanced analytics that target specific threats in the Bank.
Investing heavily in identity protection to act as the new firewall for firms is a priority focus at the moment. Individual permissions to bank data and systems are policed more carefully to ensure access is only granted to those who require that specific need. Ensuring that there are no security gaps through identifying and permitting access is one of the biggest challenges for security teams and requires close collaboration across all business units.
In any approach to security and risk management, there should be an element of industry collaboration, where information about existing and emerging threats is shared between peers. There is a collective appreciation among security teams that the industry is best served by the constant sharing of information on the threat landscape. Industry associations that assess the full gamut of threats across all financial institutions are of paramount importance if the industry is to stay one step ahead of threat actors.
Effective risk management is key to improving overall efficiencies. If a firm rationalises its asset estate, there is naturally less potential for security threats if there are fewer resources, meaning risk management can be deployed more effectively and sustainably.
Collaboration across any firm is a necessity to enhance effective risk management, as is a broader industry ambition to work in unison to double down on threats before bad actors have a chance to strike.