Cyber Resilience: The Banking Sector’s Top Security Priority

In this December 2021 speech, Bo Li, Deputy Managing Director of the International Monetary Fund (IMF), reinforced how digital technology permeates all aspects of society, increasing our dependency on interconnectivity and reliance on the networks that support it.

As a result, it’s essential to establish building blocks that address systemic risks that could compromise this ecosystem.

Li goes on to identify 3 key issues around Cyber Resilience:

  • Cyber Resilience isn’t an isolated issue: As technology shifts from being a vehicle for efficiency to one that enables new ways of business and social interactions, so does the impact of threats that target weaknesses in technology.
  • Cyber Resilience isn’t a one-dimensional issue: The origin, motivation, and execution of cyberattacks are varied and ever-evolving – and the various safeguarding governance mechanisms that exist need to adapt with the same agility.
  • Cyber Resilience is a societal issue: As technology becomes an essential part of life, so Cyber Resilience becomes increasingly dependent on the behavior and choices of people and society.

These 3 issues strongly align with the Cyber Resilience challenges the banking and finance sector faces, both historically and in the current era of rapid digital transformation.

The banking and finance sector is critical infrastructure

Payments systems are vast and interconnected, personal and business banking is now performed from anywhere over a multitude of channels, and open banking exposes core banking systems to third-party applications. Organizations must be able to deliver these services reliably while ensuring they protect customer data, adhere to regulations, and maintain trust.

Further, the deep interdependencies between the banks and the local and global economies they serve, and the potential threats to these systems in case of instability, have led the finance sector to be classified as critical infrastructure in many parts of the world. This brings its importance to society to the level of services such as healthcare, electricity, water, and telecoms.

Banking and finance firms must detect and contain cyberattacks

In line with the expectations placed on other critical infrastructure, organizations in the financial services sector are no longer expected to simply be able to recover and restore after an incident. They must now be able to detect and contain incidents at the outset and ensure that a minimum level of acceptable service can be maintained throughout.

The Bank for International Settlements – “the central banks’ bank” – reiterates this in its Guidance on Cyber Resilience for Financial Market Infrastructures:

“The safe and efficient operation of financial market infrastructures (FMIs) is essential to maintaining and promoting financial stability and economic growth. If not properly managed, FMIs can be sources of financial shocks, such as liquidity dislocations and credit losses, or a major channel through which these shocks are transmitted across domestic and international financial markets. In this context, the level of Cyber Resilience, which contributes to an FMI’s operational resilience, can be a decisive factor in the overall resilience of the financial system and the broader economy.”

Many regulators are seeking to uplift the Cyber Resilience posture of their member organizations, including:

Complementary to these are frameworks like CBEST from the Bank of England that allow members to assess the Cyber Resilience of their firms’ critical business services.

How Zero Trust Segmentation helps deliver Cyber Resilience

To quote Bo Li: “The increasing digitalization of financial services, in combination with the presence of high-value assets and data, make the financial system a prime target. The high level of interconnectedness across financial institutions ... creates a potential vulnerability wherein a localized cyber incident could quickly spread across markets and jurisdictions.”

Zero Trust Segmentation helps address these challenges and improve Cyber Resilience by:

  • Protecting high-value assets and data by ensuring that only authorized access is permitted, reducing the available attack surface.
  • Providing consistent visibility across the firm’s hybrid infrastructure, highlighting all dependencies.
  • Limiting access on known high-risk ports to prevent the rapid spread of ransomware.

Financial organizations globally, including 6 out of 10 of the world’s largest banks, rely on the Illumio Zero Trust Segmentation platform to improve their Cyber Resilience. 

Read our new industry guide to find out how Illumio can help implement Zero Trust Segmentation in your financial services or banking organization.

And learn how our customers in the industry stay cyber resilient with Zero Trust Segmentation:
