Pub. 8 2019 Issue 6

November/December 2019 19 l e a d i n g a d v o c a t e f o r t h e b a n k i n g i n d u s t r y i n k a n s a s A-Bank has implemented is the implementation of a program to centralize all server, firewall, DNS, DHCP and other logs. These logs are archived long-term. Alerts are also configured to identify basic suspicious activity and reports are reviewed daily by the information technology team. B-Bank Established in 1906, B-Bank has an asset size of roughly $430 million dollars. They first got into technology with one workstation over 30 years ago and their technology footprint and network have grown organically since. B-Bank has a limited information technology budget and also is conservative when it comes to financial and technical risk. They do not currently offer service like mobile check capture, merchant remote deposit, and wire or ACH services via Internet banking. While B-Bank has a lower overall risk than A-Bank, they have not implemented many of the foundational controls that A-Bank has. B-Bank has a patch management program where they apply Microsoft and a few other patches. Additionally, B-Bank is running virus and malware protection program on all systems. Threat Hunting Effectiveness Threat hunting would be beneficial at both banks. However, due to the limited information technology budget, and lack of foundational cyber security controls, B-Bank would see the greatest impact in their cyber security posture by spending their time and money implementing some of the controls outlined in the Top 20 Security Controls by the Center for Internet Security, or the NSA Top 10 Cybersecurity Mitigation Strategies. A-Bank already has a mature cyber security posture and is well positioned to deploy threat hunting teams in their network. Periodically, new cyber security controls become available. Be careful not to implement a control just because the technology or practice is the latest cool thing. Evaluation of the control is an important part of any new cyber security acquisition and if properly done will ensure the greatest return on the investments of time and money. i https://www.cisecurity.org/controls/ ii https://www.nsa.gov/Portals/70/documents/what-we-do/ cybersecurity/professional-resources/csi-nsas-top10- cybersecurity-mitigation-strategies.pdf Ty Purcell is a security and compliance consultant for CoNetrix. CoNetrix is a provider of information security consulting, IT/GLBA audits and security testing, and Tandem — a security and compliance software suite designed to help financial institutions create and maintain their Information Security Program. Visit our website at www.conetrix.com to learn how CoNetrix can improve your Cybersecurity maturity. March 10 Hays March 11 Wichita March 12 Lawrence This program will provide the fundamental knowledge and training necessary for professionals working in bank deposit compliance. Focusing on comprehensive instruction in core federal banking laws and regulations, these seminars are de- signed to furnish a basic, technical foundation for an individual to develop and maintain an effective deposit compliance program and support business initiatives. Educational Resources 785-232-3444 ksba nkers.com Presented by Dylan Serrault AVP-Staff Attorney/ Compliance Auditor March 10 Hays March 11 Wichita March 12 Lawrence This program will provide the fundamental knowledge and training necessary for professionals working in bank deposit compliance. Focusing on comprehensive instruction in core federal banking laws and regulations, these seminars are de- signed to furnish a basic, technical foundation for an individual to develop and maintain an effective deposit compliance program and support business initiatives. Educational Resources 785-232-3444 ksbankers.com Presented by Dylan Serrault AVP-Staff Attorney/ Compliance Auditor