Pub. 4 2015 Issue 9

Leading advocate for the banking industry in Kansas

CEOs AND DIRECTORS ATTEND EXECUTIVE BRIEFING ON CYBERSECURITY

The importance of information security in the financial services industry is at the forefront of monitoring as examiners observe how banks protect customers' information. Significant increases in targeted attacks, as opposed to opportunistic compromises, have led to additional compliance standards as pressure rises to increase awareness and thwart a breach that could irreparably damage a bank's reputation.

Most data breaches occur at the point of service or at an ATM. Breaches often occur through third-party vendors that expose the entire network to fraudulent activity. Card skimmers are a common source of vulnerability and generally take days or weeks to detect. Time is of the essence to prevent a breach from spreading. It was reported that 70% of cyber-attacks have a secondary victim, with 75% of attacks spreading from one victim to others within 24 hours. In fact, the primary motive for many attacks is to gain access to a secondary victim.

There is an increased incidence of breaches that depend on social engineering and human interaction. About one-third of attacks rely on information gained through dumpster diving, fraudulent phone calls or electronic phishing. Best practices include extensive and ongoing training of employees to prevent this type of breach. The need for diligence and strategy has never been greater.

Security information and event monitoring (SIEM) is the process of collecting network logs, which need to be retained for at least a year. The collected logs are analyzed to detect deficiencies, and in the event of a breach they are used for data recovery and the preservation of evidence. An information security program should include an IT audit that looks for potential gaps in security controls, as well as vulnerability scanning and penetration testing.

Overall controls and testing must be maintained at a high level, but it is also important to update firewalls regularly and keep updates current on individual PCs. Risk trends demonstrate that existing vulnerabilities continue to be exploited and that day-to-day activities need to focus on fundamentals. 89% of vulnerabilities come through a small window of weaknesses for which patches were available but were never installed.

Presenters for this program included David Nelson, Jr., CISSP, Integrity Technology Systems; Jeffery Rinehart, Special Agent, US Secret Service; Christopher Lamb, Special Agent, FBI; Phillip Hinkle, SLC Representative, FFIEC CCIWG, and Director of IT Security Examinations for the Texas Department of Banking; Charles Bretz, FS-ISAC; and Chuck Towle, KBS. A roundtable discussion was facilitated by Mary Beth Quist, Conference of State Bank Supervisors, and Phillip Hinkle. The roundtable discussions and a tabletop exercise presented scenarios that required participants to discuss how they would respond. Discussion from this exercise carried on through the end of the day. Best practices were covered as well.
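As an added illustration of the SIEM process described above (collect logs, retain them for at least a year, analyze them to detect problems), the following Python script is example code written for this page, not material from the briefing or its presenters. It parses a handful of constructed syslog-style authentication lines from a hypothetical gateway host named "teller-gw" (addresses are taken from documentation ranges), flags a source that produces repeated failed logins in a short window, and checks whether the oldest retained log still satisfies the one-year retention requirement. The threshold of five failures within ten minutes is an assumption chosen for the example, not a figure from the article.

```python
"""SIEM-style collection, retention check and detection over constructed log lines.

Added example for this page. Assumptions: syslog-style sshd authentication lines,
a one-year retention requirement (as stated in the article), and a detection rule
of five failed logins from one source within ten minutes (chosen for illustration).
"""
from collections import defaultdict
from datetime import datetime, timedelta
import re

RETENTION_DAYS = 365            # the article's "at least a year"
FAILED_THRESHOLD = 5            # assumed rule: flag a source after this many failures ...
WINDOW = timedelta(minutes=10)  # ... occurring within this window

# Constructed sample lines: hypothetical host "teller-gw", documentation-range addresses.
SAMPLE_LOGS = """\
2015-09-14T08:01:12 teller-gw sshd[2231]: Failed password for admin from 203.0.113.9 port 51001 ssh2
2015-09-14T08:01:15 teller-gw sshd[2231]: Failed password for admin from 203.0.113.9 port 51002 ssh2
2015-09-14T08:01:19 teller-gw sshd[2231]: Failed password for root from 203.0.113.9 port 51003 ssh2
2015-09-14T08:01:22 teller-gw sshd[2231]: Failed password for admin from 203.0.113.9 port 51004 ssh2
2015-09-14T08:01:25 teller-gw sshd[2231]: Failed password for admin from 203.0.113.9 port 51005 ssh2
2015-09-14T08:01:31 teller-gw sshd[2231]: Accepted password for admin from 203.0.113.9 port 51006 ssh2
2015-09-14T08:15:02 teller-gw sshd[2240]: Failed password for jsmith from 198.51.100.4 port 40001 ssh2
2015-09-14T08:16:40 teller-gw sshd[2240]: Accepted password for jsmith from 198.51.100.4 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+) port"
)


def parse_logs(text):
    """Turn syslog-style lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.fromisoformat(ev["ts"])
            events.append(ev)
    return events


def detect_password_guessing(events, threshold=FAILED_THRESHOLD, window=WINDOW):
    """Return one finding per source that produced >= threshold failures inside the window.

    Each finding also records whether a successful login from that source followed the
    burst, which is the case an analyst would want escalated first.
    """
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src"]].append(ev)

    findings = []
    for src, evs in by_src.items():
        failures = [e for e in evs if e["result"] == "Failed"]
        for i in range(len(failures)):
            # Failures starting at index i that fall within the window of the i-th one.
            burst = [f for f in failures[i:] if f["ts"] - failures[i]["ts"] <= window]
            if len(burst) >= threshold:
                last_fail = burst[-1]["ts"]
                success_after = any(
                    e["result"] == "Accepted" and e["ts"] > last_fail for e in evs
                )
                findings.append(
                    {"src": src, "failures": len(burst), "success_after": success_after}
                )
                break  # one finding per source is enough
    return findings


def retention_gap(oldest_retained_iso, now_iso, retention_days=RETENTION_DAYS):
    """Days by which retained logs fall short of the requirement (0 when compliant)."""
    oldest = datetime.fromisoformat(oldest_retained_iso)
    now = datetime.fromisoformat(now_iso)
    covered = (now - oldest).days
    return max(0, retention_days - covered)


if __name__ == "__main__":
    events = parse_logs(SAMPLE_LOGS)
    for f in detect_password_guessing(events):
        print(f"ALERT {f['src']}: {f['failures']} failures, success afterwards: {f['success_after']}")
    gap = retention_gap("2015-01-01", "2015-09-14")
    print("retention shortfall (days):", gap)
```

The retention check is deliberately simple: it only asks whether the oldest log an institution still holds reaches back the required 365 days, which is the question an examiner asks first. The detection rule keys on the source address rather than the account name so that a single source cycling through several usernames is still caught, as the "admin"/"root" mix in the sample shows.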
