Cyber Security Guidelines for Financial ServicesCyber security has become a critical issue due to the importance and reliance of cyber space and the internet. In fact, theft of digital information is now the largest report of fraud, surpassing physical theft. Proper security measures protect us and our nation from individuals and/or countries that would wish to harm us through technology.
The IMF reports, "Cyber risk has emerged as a systemic risk concern, following recent cyber incidents (IIF (2017), IMF (2017b), OFR (2017)). Recent surveys point to cyber risk as a main concern among market participants ranked first in the DTCC Systemic Risk Barometer (Figure 1), and second in the 2017 H2 systemic risk survey by the Bank of England (Bank of England (2017)). Successful cyber-attacks such as Wannacry in May 2017 or NoPetya in June 2017 have shown that cyber-attack can lead to severe disruptions and major losses for the targeted firms."
The World Bank also reports that, "Traditional ways of thinking about operational risk, incorporated in some regulations on cyber risk, may not be fully adequate to deal with the new reality."
Cyber security encompasses any information an individual entrusts through email and online, as well as, through the country’s infrastructure at large. The Federal Communications Commission's (FCC) role is to ensure our networks' communication is safe and trustworthy. They monitor potential threats and come up with solutions to keep networks safe.
The FCC has listed the top cyber security threats as botnets, domain name fraud, and internet route hijacking. Every business that uses the internet has the responsibility to be educated on best practices for security. The FCC has found over a third of small- to medium-sized businesses report a loss of confidential data and incurred a financial cost as a result. Not only is there now a responsibility for businesses to invest in cyber security measures; the alternative could be very costly.
The latest Cybersecurity framework 1.1 was just released by the
The Framework was created by industry experts, academia, and government stakeholders, and was developed with industries important to the nation’s economic security in mind- financial services being one of them. The Framework consists of three components:
- The core (desired outcomes)
- Profiles (organization’s unique requirements)
- Implementation tiers (how an organization manages risk)
The updated Cybersecurity Framework 1.1 includes changes on authentication and identity, self-assessment of cyber security risk, managing security within a supply chain, and vulnerability disclosure. The Framework is very comprehensive and flexible, for both small and large businesses. The industry will soon be regulated by this framework and compliance will be required in the future.
Larger businesses tend to take more security measures for their data and networks, but small businesses have become an increasing target for cyber criminals. 50% of small businesses do not back up their data, as reported by the FCC.
At Fairdinkum IT Consulting, we can help your business - whether small or large - prepare for compliance of the Cybersecurity Framework with the proper measures and technology in place. Browse our service offerings and contact us for more information.
Below, we have highlighted some of the top cyber security tips for small businesses from the FCC.
Train employees in security principles
Education is the best way to prevent cyber crimes from happening. Communicate to employees the importance of strong passwords, as well as cyber security policies.
Back up data
It’s important to regularly back up information on all computers. Back up at least weekly and store copies in a cloud.
Secure Wi-Fi networks
Make sure your Wifi network is encrypted and hidden. Hide the router so it does not broadcast the name, and make sure it is password protected.
For the complete list of top 10
Cyber Security tips for small businesses from the FCC click here.