FS-ISAC Statement: Financial Sector Responds to Microprocessor Vulnerabilities

FS-ISAC members have an active dialog about these vulnerabilities and are keeping up to date on the latest information. While vulnerability management is a core part of most financial institutions' cybersecurity practices, FS-ISAC members continue to assess the actual risk and seek additional information about the vulnerabilities and their potential impact. The FI community takes all vulnerabilities seriously and takes proactive measures to ensure proper risk mitigation.

In addition to the security considerations raised by this design flaw, performance degradation is expected, which could require more processing power for affected systems to compensate and maintain current baseline performance. Additional costs may also be a factor in maintaining current system and application performance.

Even outside of the known performance hit, fixing kernel-level vulnerabilities typically requires more testing than patches for browsers, office productivity applications and other software, due to the underlying direct link to the operating system. There will need to be consideration and balance between fixing the potential security threat and the performance and other possible impacts on systems. The current general thought is that the security risk will be lower on dedicated servers and endpoints (due to the expected exploit requirement to run code on an individual system) and higher on shared computers such as hosting and cloud services, which use the same physical hardware (and processor) to run different users' virtual machines.

FS-ISAC members continue to actively share information related to these vulnerabilities and utilize cyber best practices, including patch management, compensating controls and proactive defenses.

For media queries, please contact communications@fsisac.com.