Managing the Cyber Risk Lifecycle: From Identification to Recovery + Webinar Replay

Cybersecurity ultimately requires a concerted effort to thwart intruders at every stage of an attack, and it is essential for firms to have a practical understanding of these various security functions to most effectively manage risk and respond to an intrusion.

In a recent webinar, security experts from Eze Castle Integration and Blackpanda discussed managing the cyber risk lifecycle across the five key pillars of cyber security as outlined by the National Institute of Standards and Technology (NIST). Today’s blog article will provide a roundup of how to assess and address gaps in your current security strategy, as discussed in the webinar. To listen in on the full discussion, you can also watch the replay linked below.

Step 1: Identify

All firms are at risk, large or small. And, especially those with asset- and data-rich operations. Thus, the financial services sector must be cautious, ranking in the top three industries after Healthcare and Energy firms, globally. 

So, to begin, you’ll need to identify risks your firm is exposed to in the current landscape. This year, common risks for most hedge funds, private equity and alternative investment firms includes phishing, ransomware and business email compromise (BEC). Here are some recommendations to help you with keep these risks at bay:

• Ensure Asset Management and Vulnerability Scanning
• Develop Processes and Policies

 

Step 2: Protect

The protection function outlines appropriate safeguards to ensure delivery of critical infrastructure needs, as well as to limit or contain the impact of a potential cybersecurity breach. Firms are advised to consider adopting the following safeguards:

• MFA/Conditional Access/Administrative Accounts
• Patch Management
• Employee Phishing Training & Awareness
• Technical Safeguards
  • External Mail Tagging
  • DMARC, DKIM, SPF to Protect Your Domain Name
  • URL rewrite on Secure Email Gateway
  • DNS and/or web filtering
  • End Point Security
  • DNS Twist Monitoring

In addition to the above, there are several behavioural and environmental factors that influence whether we fall prey to malicious cyber-attacks, especially with the rise of personal information sharing via online mediums such as LinkedIn and corporate websites making it easy for intruders to trick us.

Step 3: Detect

The detect function defines the appropriate activities to identify the occurrence of a cybersecurity event, enabling timely discovery. The following technologies and strategies are strongly suggested here:

• Dark Web Montoring for Credential Leakage
• SIEM for 24/7 Monitoring, Detection and Response
• Intrusion Detection System/Intrusion Prevention System

Step 4: Respond

These next two steps are often referred to as the ‘last mile’ of the cybersecurity framework. In the occasion that an attack does occur and the security of a firm is breached, businesses are advised to respond quickly. In order to do so effectively, you will need an adequate incident response process in place consisting of the following steps:

• Incident Response Planning
• Incident Response
• Digital Forensics
• Compromise Assessments

Step 5: Recover

The final step is recovery. Having a cyber insurance policy is strongly recommended to cover:

• First-Party Loss
• Third-Party Loss
• Lost Income & Operating Expense
• Extended Incident Response Costs

Watch the full webinar replay below to listen in on the full discussion between the cyber security experts and incident response practitioners in the field.

 

For more tips and insights on all things security, join our upcoming webinars commemorating October as Cybersecurity Awareness Month:

• 14/10: Top Cybersecurity Gaps in 2020 and How to Avoid Them
• 21/10: Rush to the Edge: Addressing Risk in a Remote Environment 
• 28/10: Advanced Security Strategies & Solutions for the Digital Age