By: Gene Fredriksen, Security Strategy Consultant
2020 promises to be another banner year for cyberattacks on U.S. organizations. The growing threat of attacks in 2019 and recent years drives home the fact that hackers will use any option at their disposal to be successful. Organized criminal groups have skilled hackers continually developing new tools and techniques targeted at circumventing our financial institutions’ best controls.
Currently our country is under threat of both cyber and physical attacks from foreign groups. The U.S. Department of Homeland Security (DHS) recently held briefings on these threats, but at this point, there are as many questions as answers. They’ve issued an advisory that lists four main actions organizations should address:
- Adopt a state of heightened awareness. This includes minimizing coverage gaps in personnel availability, more consistently consuming relevant threat intelligence and making sure emergency call trees are up to date.
- Increase organizational vigilance. Ensure security personnel are monitoring key internal security capabilities and that they know how to identify anomalous behavior. Flag any known indicators of compromise and tactics, techniques and procedures (TTPs) for immediate response.
- Confirm reporting processes. Ensure personnel know how and when to report an incident. The well-being of an organization’s workforce and cyber infrastructure depends on awareness of threat activity.
- Exercise organizational incident response plans. Ensure personnel are familiar with the key steps they need to take during an incident. Do they have the accesses they need? Do they know the processes? Are your various data sources logging as expected? Ensure personnel are positioned to act in a calm and unified manner.
You can find the full advisory here, which focuses on how the cybercommunity can uphold awareness and vigilance in helping to protect our nation’s critical infrastructure during this time of tension. It’s an organization-wide effort that takes people, process and technology controls to defend the range of threats we’re seeing every day.
In response to this critical issue, the DHS has developed a program called If You See Something, Say Something. I encourage you to visit their website and explore their media, including videos and posters, to share with your credit union and members. The program is designed to educate the public on suspicious activity reporting and being aware of your surroundings to help keep our communities safe.
PSCU has a longstanding, robust cybersecurity program, and the NCU-ISAO also provides useful information and resources on this topic. Please consider reaching out to either organization as you build your credit union’s security programs. By working together and sharing information, we can collectively raise our ability to resist and survive threats and attacks to our nation’s security.
Gene Fredriksen is a co-founder and current executive director of the National Credit Union ISAO, the principal cybersecurity consultant with PureIT CUSO, and has also held the positions of CISO for PSCU, Global CISO for Tyco International, principal consultant for security and risk management strategies for Burton Group, vice president of technology risk management and chief security officer for Raymond James Financial, and information security manager for American Family Insurance.
He served as the chair of the security and risk assessment steering committee for BITS, and also served on the R&D committee for the financial services sector steering committee of the Department of Homeland Security. He also served as an advisor on various cybersecurity steering committees for the administrations of George W. Bush, Bill Clinton and Donald Trump, assisting in the preparation of the president’s Cybersecurity Position Paper.