As the upstream and downstream become more interconnected and complex, cyber security teams have an exponentially growing scope. This has elevated cyber security to the top of executives’ priority lists and put the threats and risks associated with it into board agendas. Once an afterthought, cyber security is now a crucial factor in the design of products, services, and technology roadmaps. Not only has this allowed for a better allocation of funding and resources, it has become a material factor in a plethora of business decisions.
"Cyber Everywhere" Calls for More Intelligence Sharing
The need to embed cyber security into every aspect of the business calls for more intelligence sharing. If each firm only acts based on their limited view of the world, they will constantly be reinventing the wheel, which quickly eats up the significant resources required to stay ahead of threat actors. With intelligence sharing, we can adapt much more quickly to the constantly shifting strategies of our adversaries, who have their own sharing platforms enabling them to keep up with the latest attack tactics.
Through SWIFT ISAC, we share intelligence across our 11,000-member community of institutions on the latest modus operandi, tools, tactics, techniques, and procedures that we have seen used in attempted payment fraud. This enables our customers to immediately apply this information to their environment connected to SWIFT. We also share back and forth with FS-ISAC, which has a broader mandate of intelligence sharing on all threat vectors across the entire financial services industry.
Automation Requires Investing in People
Automating the more technical aspects of sharing, such as widespread use of the STIX and TAXII format and protocol, has enabled us to share threat intelligence even faster. As technologies such as artificial intelligence and machine learning continue to increase in sophistication and accuracy, even more technical aspects of cyber security currently executed by humans will become automated, freeing up more human brainpower to focus on wider cyber security strategy.
As threat intelligence feeds further industrialise, investing in the human capabilities that will enable a more predictive approach becomes pivotal. As the attack surface grows, anticipating how threat actors will evolve and attack next is quite possibly the only way forward.
Investing in Trust
Human judgment sits at the heart of the fight against cyber crime. This means that industry members need to make a steadfast effort to build and sustain trust among their peers to share intelligence at the speed, scale, and depth that is necessary. We need to continue to build trusted peer-to-peer relationships and maintain the personal nature of trust.
Being part of an intelligence sharing community is both a privilege and a responsibility. Building trust on a consistent basis can encourage more institutions to actively share, and not just consume intelligence. The more people share, the better the quality of our intelligence will be. In a world where limitless opportunities come with limitless risks, high-quality intelligence is an invaluable tool in the fight against rapidly changing cyber threats.
New data-driven business models, APIs, fintechs and advances in Big Tech add value to our lives and to businesses. They also, however, significantly increase the attack surface of the financial services industry, heightening cyber risks and amplifying the coverage of threat intelligence. In this rapidly evolving threat landscape, intelligence sharing is a must. Moreover, processing the firehose of data requires more automation and more importantly, investment in the people who will ultimately use this data for nimble and effective decision-making.
© 2020 FS-ISAC, Inc. All rights reserved.
Karel De Kneef has worked at SWIFT for 25+ years and is currently the co-operative’s Chief Security Officer (CSO). In this role he oversees all SWIFT’s global security functions including logical and...Read More
physical security. In addition to the security of SWIFT offices, Operating Centres (from which SWIFT controls its core platforms) and staff, he is also responsible for the Customer Security Intelligence (CSI) team and the Customer Security Programme (CSP).