CYBER-CRIME: 10 COMMANDMENTS OF PROTECTING YOUR FUND DATA
Today the question is no longer “can we be attacked?” but rather “WHEN will the attack happen?”
Consequences of data breaches and flaws in security are counted in millions. The threat is serious: The Bank of England, as reported by Money Marketing, has raised concerns that financial services companies do not treat cyber-crimes as seriously as they should. The UK body believes the size of the problem is such that cyber-security stress tests are planned throughout financial services providers.
Read also: 3 smart ways to manage regulatory fund data
While these threats have always been present, in the past few years the number of attacks has increased significantly, and the types of threats are much more advanced. Cyber-crime activity can be partly motivated by ego, partly by financial gain and even simply to cause disruption. Regardless of a hacker’s motivation, you need to be ready. So don’t wait until it is too late!
Check out these 10 rules table on how to best protect data against cyber-crime:
- Reinforce the role of your security officer. Make sure that management does not bypass his recommendations.
- Contract with professional external companies to regularly “ethically hack” your own systems.
- Subscribe to your closest governmental CERT/CSIRT (Computer Emergency Response Team/Computer Security Incident Response Team).
- Actively monitor security forums and blogs. Working collectively as a group is safer than working alone.
- Act immediately on any potential issues identified by your auditors, the security officer or CERT/CSIRT contacts.
- Stay up-to-date with the latest operating systems, versions of protection systems and patching.
- Proactively analyse your operating system and firewalls logs.
- Identify suspicious data outgoing leakages. They may be the sign that you have been spotted by an APT (Advanced Persistent Threats, the new nightmare of system administrators).
- Organize regular “employee security awareness days” to fight bad behaviours and social engineering (social engineering is the art of manipulating people so that they give up confidential information, e.g. passwords, bank information, access to your computer).
- Be paranoid! And remain vigilant, threats are out there and you could very well be the next victim.