Cybersecurity continues to be a key risk that businesses face today, and banking is among the industries most affected by cyberattacks. Some experts estimate that around a quarter of all malware attacks target financial institutions. Of particular concern are ransomware attacks, which have increased dramatically in the past couple of years.
The threat of ransomware is so serious that the National Institute of Standards and Technology (NIST) — developer of a widely used cybersecurity framework — recently published a draft Cybersecurity Framework Profile for Ransomware Risk Management (the Ransomware Profile).
Ransomware and risk management
Ransomware is a type of malware that encrypts an organization’s data. Once malware has infected a system, the attackers demand payment in exchange for the encryption key that unlocks the data. In some cases, they may also steal an organization’s information and demand additional payment to avoid disclosure of that information to authorities, competitors or the public.
The Ransomware Profile outlines several basic preventive steps organizations can take to protect themselves against the ransomware threat, including:
Organizations also should take steps that will help them recover from future ransomware events, including developing and implementing rigorous backup and incident recovery plans.
Backup strategies and incident response plans
Simply keeping backups of data isn’t enough. Any significant gaps in recoverable data or delays in restoring systems can be devastating for banks. So, they must back up data daily and test and periodically validate it. Also, banks should store backups offline to prevent a ransomware attack.
A well-designed backup strategy is worthless, however, without a solid incident response plan. This critical step helps banks restore systems quickly and minimize downtime in the event of a ransomware or other attack. A cyberattack is highly stressful. So, to avoid a paralyzing panic, your response plan should provide step-by-step instructions on who does what and when. The plan also should be kept offline to ensure that it’s accessible if your systems aren’t.
All banks should have a comprehensive cybersecurity plan to prevent ransomware and other cyberattacks and to minimize damages should an attack occur. If your bank doesn’t have a plan or you’re unsure whether your plan provides the protection you need, contact one of our industry leaders about conducting a cybersecurity risk assessment with ATA Secure.