
How to Spot a Phishing Email

Email phishing activity is reaching a new high, especially in the financial services sector.

Common attacks are nothing more than online scams involving gift cards, while some are targeted spear phishing campaigns with the goal of gaining access to corporate networks. The best defense against fraudulent emails is educating end-users on how to spot suspicious emails. Phishing schemes often have signs that can trigger recipients to question their veracity. The key is to slow down and pay attention to the details. To that end, we have put together a list of ten common phishing email characteristics.

10 Signs of a Phishing Scam

  1. It just doesn’t look right – Is there something a little off with the emails? Too good to be true? Trust your instincts about the warning signs of potentially suspicious activity.
  2. Generic salutations – Instead of directly addressing you, phishing messages often use generic names like “Dear Customer.” Using impersonal greetings saves the cybercriminals time so they can maximize their number of potential victims.
  3. Links to official-looking sites asking for sensitive data – These fake websites are often very convincing, so before revealing personal information or confidential data, examine the site to make sure it’s not a fraudulent website.
  4. Unsolicited email that uses personal details about you – Information like job title, previous employment, or personal interests can be gleaned from social networking sites like LinkedIn and then used to make a phishing email more convincing.
  5. Unnerving phrases – Thieves often use phrases meant to scare you (such as saying your account has been breached) to trick you into acting without thinking and in doing so, revealing information you ordinarily would not.
  6. Bad grammar or spelling – Grammar mistakes and misspelled words are a dead giveaway in a basic phishing attack. The use of unusual syntax is also a sign that something is wrong.
  7. Urgent request – For example: “If you don’t respond within 48 hours, your account will be closed.” By convincing you the clock is ticking, phishing scammers hope you’ll make a mistake by clicking on a phishing link or opening a malicious attachment.
  8. You’ve won the grand prize – This phishing technique is common but easy to spot. A similar, trickier variation asks you to complete a survey (thus giving up your personal information) in return for a prize.
  9. Verify your account – These types of phishing attacks spoof real emails asking you to verify an online account with a site or organization. Always question why you’re being asked to verify – there’s a good chance it’s a scam.
  10. Cybersquatting – Often, cybercriminals will purchase and squat on website names that are similar to an official website in the hopes that users go to the wrong site, such as www.google.com vs. www.g00gle.com. Always take a moment to check out the URL before entering your personal information.

Related content: 6 Steps to Reduce Phishing 


Coretelligent’s Recommendation:

It is essential for your organization to have comprehensive solutions for cybersecurity designed by a trustworthy, proactive provider. Our CoreArmor solution offers 24/7 intrusion detection and monitoring, in-depth assessment to identify vulnerabilities, best-in-class phishing testing and end-user awareness training, and more. Your organization must be protected against emerging email threats in 2024 and beyond. Contact us today for strategic guidance on how to mitigate the security risk from phishing attempts.

IT Priorities

Over the past few years, we’ve seen rapid technological changes, a trend set to continue in 2023. As a C-suite leader, it is vital that you are aware of the top IT priorities for this year and beyond. From ensuring robust security measures are implemented to accelerating digital transformation initiatives and managing costs effectively, executives must be prepared in this shifting environment.

7 Top IT Priorities for Executives in 2023


With the speed at which technology shifts the business landscape, it’s essential to remain ahead of the curve to make the most of technology investments. So here’s a look at seven of the most critical IT priorities for C-suite executives and tech leaders in 2023.

Cybersecurity

If current events are an indicator, cyber incidents will remain a top concern in 2023. There will be plenty of cybercriminal activity from the ongoing conflict in Ukraine, bank failures, a fluctuating economy, technological advancements, and other forces.

According to a recent poll, 34.5% of executives report that cybercriminals targeted their organizations’ financial data. And in that same poll, 48.8% expect the number and size of cyber events to increase in the year ahead.

With that in mind, it is essential for business leaders to continuously review and refine cybersecurity protocols. As the threats become more frequent and intense–from government-backed intrusions to heightened supply chain attacks–security specialists forecast an even more challenging 2023. To stay safe, organizations must remain vigilant and take active steps towards proper protection now.

Some key areas to consider strengthening are MFA, endpoint security and user awareness, zero trust policies, and better evaluation of partners’ and vendors’ security policies and practices by implementing a third-party risk management program.

Privacy and Compliance

Various privacy laws from a slew of agencies and organizations are being updated or newly introduced. Experts anticipate that by the end of 2023, 75% of the world’s population will be covered by a complex network of data privacy regulations, with increased enforcement of those laws. As a result, executives will need to allocate more resources toward security and compliance to mitigate risk and avoid costly data breaches, fines, and penalties for non-compliance.

Automation with AI, ML, and Low Code/No-code

As we grapple with cybersecurity and compliance demands, resources must be made available for leveraging the potential of artificial intelligence, machine learning, and low-code/no-code solutions to optimize productivity and profitability by 2023.

These solutions are now considered mainstays for market relevance for many verticals, including financial services and life sciences. These technologies enable streamlining workflows and processes and recouping time spent on routine tasks for investment into revenue-boosting tasks. Coupled with personnel labor shortages, AI, ML, and low code/no-code will become integral to aligning IT strategy with business strategy.

Hybrid Workplace

CTOs, CISOs, and executives facing a hybrid model should continue to focus on applying best practices in their implementation. Undeniably, the hybrid model places additional burdens on IT resources, especially regarding cybersecurity and support. But with the right strategy, a hybrid workplace can offer an organization greater flexibility and efficiency. To this end, IT professionals should focus on solutions that enable secure, remote access and collaboration across different teams and offices.

Hiring and Staffing Challenges

Labor shortages in IT and IS will continue to be an issue. As the need to further invest in IT capabilities becomes necessary, many organizations struggle with filling vital roles within their IT departments. Numerous experts are warning that this talent void won’t dissipate anytime soon, so shrewd executives and technology professionals will look beyond internal resources by partnering with a Managed Service Provider (MSP) to supplement their existing capacities.

Emerging Technologies and Trends

And if increased cyber threats, compliance, and labor shortages are not enough to juggle, leaders must also keep up with what is on the horizon with 5G, quantum computing, and other emerging technologies.

5G will continue to transform the banking and financial sectors from improvements like increasing the speed of payments to creating environments for superior data collection and more efficient backend processes. Additionally, quantum computing will bring many challenges and opportunities, including protecting data from quantum-empowered cyber criminals. Working with a strategic IT partner can help executives determine what emerging technologies to invest in and prepare for in the future.

Cyber Insurance

As the rate, intensity, and cost of cybercrime rise, the cyber insurance market is growing more competitive. Many insurers are reevaluating their underwriting requirements and giving greater scrutiny to risk mitigation and security programs. From increasing costs to more reporting requirements, more consideration will need to be given to factoring these changes into your IT roadmap.

Planning and Strategy are Key

With careful planning and strategizing, CXO and IT leaders will be ready to take on these and other critical initiatives this year. With cybercrime and data breaches on the rise, allocating resources to cybersecurity and responding to shifting compliance standards is more important than ever. Automation with AI and ML can help improve workflows and increase productivity. Outsourcing some (or all in some cases) of your IT functions can help alleviate skill gaps and other challenges from labor shortages. Executives must also stay ahead of emerging technologies and changes to the cyber insurance landscape to ensure their businesses remain competitive. By preparing for these challenges, IT leaders can ensure their organizations achieve success this year and beyond.

Multi-layered Security

Are you utilizing a multi-layered security solution? In today’s escalating environment, it is not enough to just have a cybersecurity solution, instead, your company needs a robust multilayered security solution that includes multiple checks and protections against intrusions.


Multi-Layered Security: How to Improve Your Cybersecurity Strategy

Cyber attacks are increasing at an alarming rate. In fact, global cyber attacks were up by 38% in 2022 over the previous year–and this trend doesn’t appear to be slowing down for 2023 either.

In light of this increase, are you putting yourself and your business at risk because of your deficient posture? The consequences of not being prepared for a data breach, ransomware, or other cyber incident are severe and include:

  • Financial loss from shutdowns and restoration efforts
  • Reputational damage
  • Personal liability
  • Fines and penalties from regulators
  • Permanent loss of proprietary data
  • Exposure of confidential and proprietary data
  • Costly lawsuits from clients, employees, and others impacted by data breaches or loss of productivity from stoppages
  • The complete failure and dissolution of your company

In evaluating your current posture, it is important to ask yourself the following questions:

  1. When was your company’s last vulnerability assessment?
  2. Have you made the recommended improvements?
  3. Do you know how to address your security vulnerabilities?
  4. Could you defend your current strategy to investors and regulators if a breach occurred?

Defend Against Escalating Threats with Layered Security

The potential risk from a deficient or merely adequate cybersecurity posture is simply too significant. The escalating cyber threat landscape requires a rigorous, dynamic, and proactive security strategy. The only way to truly protect your firm from cyber threats is with a robust cybersecurity position. The most secure approach is utilizing multi-layered security protection, often referred to as defense-in-depth. Without this method, your company is an easy target for cybercriminals, and it could be considered negligent in the event of a cybersecurity incident.

To provide some context—your lax security approach is just as negligent as leaving your front door wide open and announcing to the world that you are out of town for the week.


Multi-layered Security

This infographic demonstrates the multilayered approach to security, specific best practices, and their associated Coretelligent solutions.

What Does Layered Cybersecurity Encompass?

Defense-in-depth is a system of overlapping security layers that range from easy-to-implement controls to complex security tools. These layers are designed to create an interlocking barrier, not unlike the security system at your home, which might include a door with a deadbolt, motion-detection lights, security cameras, and an alarm system that act as overlapping protections designed to safeguard your home. These individual protections combine to work as a system that is continuously protecting your home. Multilayered cybersecurity operates in the same manner. And just like your home security defends on two fronts—as a deterrent to criminals and as a barrier for any criminals foolish enough to attempt to break in—a strong cybersecurity posture defends on two fronts.

Our defense-in-depth infographic highlights the cybersecurity best practices that Coretelligent employs, including next-generation firewalls, endpoint detection and response, patch management and security updates, access management policies, advanced spam filtering, and more.

Evaluate Your Current Cybersecurity Solution

Looking to evaluate your organization’s current security coverage? Use our Cybersecurity Evaluation Checklist to help you appraise your firm’s cybersecurity readiness. This checklist is a jumping-off point to help your enterprise determine its ability to mitigate the risk of cyberattacks before it is too late.



After completing the checklist, reach out for questions about how Coretelligent can help to strengthen your cybersecurity. Learn more about what we offer, including cloud-based solutions, backup and business continuity services, IT planning and strategy, compliance solutions, and more here.

How to Avoid Increased Risk from Phishing Attacks

Reports of cybercriminals registering suspicious domains after the Silicon Valley Bank shutdown indicate potential coordinated campaigns to trick account holders and users across industries, including tech, life sciences, and investment firms. Learn how to avoid these phishing attacks.


Since the news about Silicon Valley Bank (SVB) dropped, much of the focus has been on how the shutdown happened and the implications for the industry and the economy at large. However, amidst the worry about the impacts lies another danger—the risk of increased cyber-attacks, particularly from phishing attempts and other social engineering. Of course, it is essential always to remain vigilant, but bad actors often take advantage of opportunities like this to ramp up their efforts.

A sudden change in business procedures can create a vulnerable window of opportunity for cybercriminals to launch malicious campaigns. As we’ve seen with other incidents, attackers have taken advantage of any vulnerabilities arising from the disruption to perpetrate attacks on other companies.

It has been reported that cybercriminals have been registering suspicious domains after the Silicon Valley Bank shutdown that can be used in coordinated campaigns to trick end-users into sharing sensitive information.

With this in mind, organizations must remain extra vigilant for phishing attempts and other social engineering tactics during times of uncertainty that cybercriminals can exploit.

How to Avoid Phishing Attacks?

Here are some tips to help your firm avoid phishing attacks:

  • Expect an increase in phishing, social engineering, and phone calls and email attempts to gain access to your data and accounts.
  • Attackers will use language to appeal to your emotions. For example, click this now, urgent, your money is running out, etc.
  • Finance teams must carefully verify and validate any account changes or new account requests.
  • Implement multifactor authentication if your organization does not already employ it.
  • Ensure that employees are aware of the increased risk and ensure they can recognize social engineering and phishing attempts.
  • Follow up with a regular training program for end-users to ensure employees are always ready to identify the latest tactics utilized by cyber attackers.

What is a common indicator of a phishing attempt?

Here are some of the usual signs of an email phishing attempt. Often, phishing schemes will include several of these markers.

  • An email sent from an address that does not match the domain associated with the sender. For example, if you receive an email from someone claiming to be from SVB but with a different domain name in the “from” field, this should be a red flag.
  • Emails with misspelled words and grammatical or syntax errors could also signal a malicious attempt.
  • Emails that include links or attachments should be carefully scrutinized. It is always best to err on the side of caution and not click links or open attachments until you can confirm that they are from a trusted source.
  • Unsolicited emails that ask for or direct you to a link or document asking for personally identifying information (PII) like passwords, wire transfer details, login credentials, or other sensitive data should be treated with extreme caution.
  • Finally, if an email contains a sense of urgency, includes offers of immediate assistance, or requests payment now, this could be a sign of a phishing attempt. Again, be sure to take the time to independently verify the request before taking any action.

If you encounter any of these signs, it is best to flag the email and alert your IT department immediately. Taking precautions to protect yourself from phishing attempts is critical in safeguarding your company’s data.
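Putting the indicators above into a defender's check, as an added example that is not part of the original post: the script scores a constructed sample message for a sender domain that does not match the claimed brand, lookalike domains of the www.g00gle.com kind, a generic salutation, and urgency phrases. The trusted-domain list, the confusable-character table, and the sample email are all assumptions made for the example.

```python
"""Flag the phishing indicators described in the text in one raw email.
Example code, not Coretelligent's own; trusted domains, confusable
characters, urgency phrases and the sample message are constructed."""
import re
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Character swaps typical of lookalike domains (constructed, not exhaustive).
# Folding "rn" to "m" is a heuristic: it also folds legitimate names, so a
# match here is a flag for a human to review, not proof of fraud.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}

# Urgency wording following the examples given in the text (constructed list).
URGENCY = ("urgent", "within 48 hours", "account will be closed",
           "click this now", "immediately", "running out")


def registrable(domain):
    """Last two labels of a host name. Assumption: a naive stand-in for a
    public-suffix lookup, good enough for .com-style domains."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def normalize(domain):
    """Fold digit/letter substitutions so g00gle.com compares equal to google.com."""
    folded = unicodedata.normalize("NFKC", domain.lower())
    for fake, real in CONFUSABLES.items():
        folded = folded.replace(fake, real)
    return folded


def lookalike_of(domain, trusted):
    """Return the trusted domain that `domain` imitates, or None if the
    domain is either genuinely trusted (including its subdomains) or unrelated."""
    reg = registrable(domain)
    if reg in trusted:
        return None
    for real in trusted:
        brand = real.split(".")[0]
        if normalize(reg) == normalize(real):
            return real  # confusable characters only, e.g. g00gle.com
        if brand in normalize(reg).split(".")[0].replace("-", ""):
            return real  # brand embedded in another name, e.g. svb-login.com
    return None


def indicators(raw_email, trusted):
    """Collect the red flags present in one RFC 822 message as readable strings."""
    msg = message_from_string(raw_email)
    flags = []
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2]
    imitated = lookalike_of(domain, trusted)
    if imitated:
        flags.append(f"sender domain {domain} imitates {imitated}")
    # Display name claims a trusted brand while the address lives elsewhere.
    for real in trusted:
        brand = real.split(".")[0]
        if brand in display.lower() and registrable(domain) != real:
            flags.append(f"display name mentions {brand} but address is @{domain}")
    body = msg.get_payload(decode=True) or b""  # None for multipart messages
    text = (msg.get("Subject", "") + "\n" + body.decode("utf-8", "replace")).lower()
    for phrase in URGENCY:
        if phrase in text:
            flags.append(f"urgency phrase: {phrase!r}")
    if re.search(r"dear (customer|user|client)", text):
        flags.append("generic salutation")
    for host in re.findall(r"https?://([^/\s]+)", text):
        hit = lookalike_of(host, trusted)
        if hit:
            flags.append(f"link host {host} imitates {hit}")
    return flags


# Constructed sample: an SVB-themed lure of the kind the text warns about.
TRUSTED = {"svb.com", "google.com"}
SAMPLE = """\
From: "SVB Client Services" <alerts@svb-secure-login.com>
To: treasury@example.com
Subject: Urgent: confirm your wire details
Content-Type: text/plain; charset=utf-8

Dear Customer,

Your account will be closed within 48 hours unless you verify your
details at https://www.g00gle.com/verify and https://svb.com/real-page
"""

if __name__ == "__main__":
    for flag in indicators(SAMPLE, TRUSTED):
        print(" -", flag)
```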


Related Content: Why are Phishing Emails so Dangerous, and How Can You Spot Them?


It is essential to remain vigilant when there is heightened risk from cyber criminals taking advantage of a highly volatile situation like SVB’s recent closure. By following best practices such as implementing multifactor authentication, conducting end-user training, and relying on a multilayered cybersecurity program, you can protect your business from cyber criminals looking to take advantage of the uncertainty during this and the next inciting incident.

As a C-level executive in the financial services industry, you are constantly looking for ways to optimize your firm’s operations, achieve strategic goals, and reduce risk. Governance, risk management, and compliance (GRC) can help you do just that.

GRC is a framework designed to help organizations align their objectives with risk management and compliance policies.


What is governance risk and compliance?


In today’s highly regulated business environment, organizations need to have a comprehensive GRC system that enables them to manage their risks effectively, comply with regulations and laws, and meet the needs of their stakeholders. Let’s explore why organizations need effective GRC and how it can help them achieve their strategic goals.

What is GRC?

GRC comprises three key components to align policies, reduce risk, and ensure compliance.

Governance is the process of developing and adhering to policies, procedures, and practices that support an organization in meeting its business objectives. An effective governance system helps ensure that the organization makes decisions aligned with business goals. In addition, by establishing effective governance, organizations can ensure that their plans are being implemented effectively and have the necessary structures, processes, and systems in place.

Risk Management is the process of identifying, assessing, and mitigating risks associated with operations within the firm or from external threats the firm faces. An effective risk management program will help identify potential risks early so that they can be addressed before they become significant issues.

Compliance is the adherence to mandated internal and external standards, regulations, and best practices that must be met for a firm to operate responsibly and fulfill legal obligations. Good compliance requires an effective combination of policies, procedures, training, monitoring, and corrective action.

Why Does My Firm Need a GRC Program?

Financial services firms are under tremendous pressure from increased regulations, heightened scrutiny from investors, clients, and other stakeholders, and rising security risks. However, according to Hyperproof, 65% of businesses still manage IT risks using an “ad-hoc, reactive approach, with siloed processes and disconnected tools.”

A robust GRC response can benefit these firms by helping them address expanding regulations, control risk across all business units, reduce the cost associated with audits and due diligence questions (DDQs), improve compliance processes, and streamline reporting requirements.


Related Content → IT Security and Compliance. What’s the Difference?


By combining these three components into one unified system—GRC—firms can benefit from a variety of outcomes, including:

  • Improved efficiency across departments
  • Increased visibility into compliance requirements
  • Reduced costs through streamlining processes
  • Better identification of potential risks
  • Streamlined reporting
  • Better decision making
  • Enhanced stakeholder confidence
  • Strengthened brand reputation
  • Improved organizational agility
  • Amplified data security and privacy protection

By bringing governance policies and procedures, risk management, and compliance programs together, firms can swiftly adapt and adjust as needed while remaining compliant with all applicable regulations and internal best practices. Moreover, with integrated GRC—it will become easier for executives to confidently navigate today’s complex world of risk analysis and regulatory compliance more successfully.

Solving GRC

In the past, organizations implemented governance, risk management, and compliance as distinct activities. Processes and systems were created in silos, often in response to a specific trigger (new regulations, security incidents, or audit findings) and without integration throughout the company. This approach created a web of inefficiencies, redundancies, and inaccuracies that left businesses vulnerable to fines and penalties, lawsuits, reputational damage, and even loss of revenue.

In today’s world of increased risks and shifting compliance, it is of the utmost importance to implement a GRC solution that creates an effective foundation for recognizing, assessing, and controlling risks. In addition, organizations must remain continuously vigilant and responsive to the ever-evolving risk and compliance environments with ongoing monitoring, support, and guidance.

GRC tools should also reinforce and streamline your policies, procedures, and processes. Given the complexity of the financial services industry, many firms are choosing an IT partner with domain expertise and one that provides strategic guidance and know-how in addition to a technology platform.


DOWNLOAD → Read more about the must-have elements of a GRC platform and IT partner in Understanding Governance, Risk Management, and Compliance for Financial Services.


SOX Compliance Requirements

As cyberattacks increase and intensify, the hardening of security measures becomes even more of a necessity, as does compliance with a network of laws and regulations, including SOX compliance.


What Is SOX Compliance?

First passed in 2002, the Sarbanes-Oxley Act (SOX) requires publicly traded companies to maintain transparency in financial reporting, preventing fraudulent accounting activities, protecting investors, and improving investor confidence.

The Act includes compliance requirements about external auditors, corporate governance, internal control assessments, and financial disclosures.

SOX IT Compliance Requirements and Reporting

When it comes to IT, SOX compliance requires firms to have policies and procedures in place to prevent, detect, and disclose material cybersecurity risks and incidents. Companies also need to prove that they have data safeguards and procedures in place and that they are operational. This includes quality access management, preventative security measures, and redundant and secure backups.

Additionally, another requirement is that security systems must be able to detect data breaches, and the organization needs a communication plan for notifying leadership and investors of identified breaches. In reporting and during an annual SOX compliance audit, businesses must attest to and provide evidence that these internal controls exist.

One extremely challenging SOX cybersecurity requirement is that businesses are responsible for reporting material cybersecurity risks within four business days after the registrant determines that it has experienced a material cybersecurity incident. This can mean that an organization must disclose a risk or incident before regular reporting or a yearly SOX audit.


Related Content → IT Security and Compliance. What’s the Difference?


SOX in 2023

In both 2011 and 2018, the SEC published guidance for interpreting existing rules in connection with cybersecurity threats and incidents.

However, in 2022, the SEC proposed a rule that would require registrants to provide enhanced disclosures about “cybersecurity incidents and cybersecurity risk management, strategy, and governance.” This rule is part of the Fall 2022 Unified Agenda of Regulatory and Deregulatory Actions released by the Office of Information and Regulatory Affairs. SEC Chair Gary Gensler released a statement in early 2023 acknowledging the Commission’s support of the proposed agenda.

It is significant to note that SOX requires signing officer(s), typically an Executive Officer, to attest that the information in their internal control and financial reports is accurate. They cannot contain any false statements, nor can they omit material information. They also need documentation demonstrating that the organization is SOX compliant. Intentionally or inadvertently generating misleading compliance reports or falsifying information not only leads to noncompliance but can also result in upwards of $5 million in fines and 20 years in prison.

In 2022, the news that Uber’s CISO was convicted of federal charges for failing to disclose a 2016 data breach broke, demonstrating just how severe the consequences of non-compliance can be for individuals as well as companies.

Understanding Risks and Their Impact

How do you know what your material cybersecurity risks and incidents are? How do you know if your firm has experienced a breach?

If your IT team does not have the expertise to continuously analyze risks and understand SOX compliance requirements, they may not see correlations that signify a material risk. Without expert guidance, your firm may miss the context or severity of threats. Businesses may not report minor security incidents deeming them to be immaterial. But what if all these smaller threats and incidents turn out to be a much larger problem? Unable to see the connection between events, an organization could unintentionally omit a material cybersecurity risk in its reporting.

Even worse, failure to evaluate the risk appropriately can lead to security breaches, data loss, lawsuits, and other costly damages.

With such high penalties for failure to appropriately disclose material cybersecurity risks and incidents, it is critical for businesses to implement compliance processes and risk management practices to identify and assess threats across their network. Identified risks need to be assessed and treated appropriately and promptly. This process of assessing and implementing measures to modify risk is known as risk treatment.

To understand the risks in your firm’s environment, it needs continuous network monitoring and the expertise and systems for evaluating and conducting a risk assessment. Partnering with an IT firm with specialized knowledge of the compliance requirements outlined in SOX is ideal to ensure compliance and improve your security posture.

Actively Monitoring for Cybersecurity Threats

There is a difference between performance monitoring and cybersecurity monitoring.

Performance monitoring lets you know if systems are operating efficiently, but it doesn’t tell you what security threats exist or the severity of those risks.

In 2023, the risks from malicious cyberattacks are substantial and constant. It is no longer acceptable to run occasional cybersecurity scans and assume you are seeing an accurate picture of your overall security posture. Instead, to have a complete understanding of the risks and incidents that occur on your network, you need 24x7x365 activity monitoring.

With a managed detection and response (MDR) platform, a team of security analysts with skills in forensic analysis can identify, evaluate, and provide a response plan to threats and breaches within your network.

SIEM Technology

Without the help of security analysts and security information and event management (SIEM) technology, you may not see the significant link between small risks or incidents.

Security experts use SIEM platforms to correlate and analyze threats. This helps to provide context and severity of risks, which is instrumental in determining materiality.

Keep in mind that you need a security expert to utilize the full benefits of these types of internal security controls.

Meeting SOX Compliance Requirements with Comprehensive Cybersecurity

As mentioned, to maintain SOX compliance, your organization needs to be able to measure the materiality of cybersecurity risks and incidents.

Without the right tools, expertise, and testing, your business could experience a breach causing tremendous financial costs, permanent data loss, or even closure.

Even if your organization is not required to be SOX compliant, implementing internal controls and data protection procedures increases your overall security posture. For a private company or a non-profit, which are not mandated to have SOX compliance programs, creating and monitoring security controls is considered to be a cybersecurity best practice.


Related Content →  Evaluate your security readiness with our  Cybersecurity Checklist.


To learn more about SOX cybersecurity and compliance solutions, reach out to Coretelligent’s team of experts.

Financial Services Compliance

Financial services compliance is a dynamic target with extreme consequences for non-compliance. For financial services firms, there is absolutely no room for error. Firms must remain vigilant to ensure they meet their obligations under a growing set of laws, regulations, and standards.


The Intersection of Financial Services Compliance & Technology


In the financial services sector, compliance has always been a significant concern. While earlier methods of compliance reporting were largely manual, the intricate nature of today’s financial services compliance and security challenges renders such methods obsolete. To navigate this intricate landscape, firms need to move beyond traditional check-box compliance methods. Instead, they should adopt comprehensive compliance platforms complemented by specialized advisory services.

Regulatory agencies introduce security and compliance measures to bolster the global economy’s stability and safeguard consumer privacy. The surge in third-party affiliations further underscores the importance of enhanced management to minimize risk. Meeting the specific reporting and data management standards set by these entities requires financial services firms to establish intricate, often expensive, and time-intensive systems. Yet, the cost of non-compliance is even steeper, with potential repercussions ranging from fines and sanctions to reputational damage and revenue loss.

The Compliance Landscape for Financial Services

Highlighted below are several of the most critical regulations and standards that must be met by the financial services sector:

  • FINRA

The Financial Industry Regulatory Authority (FINRA) is an independent body that oversees the brokerage community, assisting both investors and firms. Its primary goal is to maintain a safe and fair market. To achieve this, FINRA regularly updates its rules in response to global market changes. A significant focus of these regulations is on advanced cybersecurity measures. These standards aim to guard against cyberattacks, identify system breaches, and establish plans for business continuity and breach responses.

  • SEC

Financial firms must adhere to regulations set forth by the Securities and Exchange Commission (SEC). The SEC promotes fairness, transparency, efficiency, and compliance of all publicly-traded companies in the U.S. Financial firms are required to comply with the SEC’s Financial Reporting Requirements, which include annual and quarterly reporting as well as other periodic filings. Financial firms must also adhere to SEC governance and risk management standards, such as cyber risk policies, identity theft prevention plans, data security processes, insider trading safeguards, and more.

The SEC Chair, Gary Gensler, recently expressed his support of the Office of Information and Regulatory Affairs Fall 2022 Unified Agenda of Regulatory and Deregulatory Actions, saying the agenda “reflects the need to modernize our ruleset, moving deliberately to update our rules in light of ever-changing technologies.”

  • SOX

First passed in 2002, the Sarbanes-Oxley Act (SOX) was established to protect individuals by increasing transparency in the financial services sector and requiring formalized checks and balances for individual entities. In today’s world, SOX compliance is aimed at limiting access to internal systems that contain confidential or financial data. Fortunately, SOX internal controls are also solid business practices that can enhance your firm’s cybersecurity risk profile and reduce the threat of insider attacks.

  • Due Diligence Requests (DDQ)

Compliance with investor due diligence requests (DDQs) has become more and more complex as the Financial Services industry grows. DDQs typically involve detailed information about financial operations, accounting practices, and related risk factors. Responding to these inquiries can be difficult, but it’s necessary in order to maintain regulatory compliance and build trust with investors. Financial services firms need to develop a reliable system for tracking and responding to DDQs quickly and accurately, as well as an audit trail of the communication process to prove compliance.

  • Cybersecurity Insurance

Cyber insurance carriers have expanded their compliance requirements and increased their schedule of audits to ensure that firms have robust controls in place. These audits assess security protocols, policies and procedures, disaster recovery plans, and more. Financial services firms must plan ahead for these inspections by having the right personnel prepared with well-documented processes and systems to prove compliance. Additionally, firms should have an external cybersecurity partner who can provide executive-level support to ensure the audit is successful.

Cybersecurity & Compliance: What’s the Difference?

Security and compliance are often mistakenly assumed to be synonymous, yet they are, in fact, distinct. Security and compliance are both essential, yet their purposes vary. While security is meant to protect data and infrastructure, compliance serves as a means of meeting legal or regulatory obligations.

Compliance and security have similar objectives around managing risks and securing sensitive data and systems but have different processes and workflows to accomplish these goals. Put simply, compliance is the act of meeting contractual or third-party regulatory requirements by adhering to set guidelines and standards. On the other hand, security requires implementing effective technical controls in order to safeguard assets from cyber attacks.

Both are critical for the financial services sector.

Solving Compliance Now & Into the Future

As we move into 2023, financial services firms face an evolving landscape of stricter and more comprehensive regulations. To navigate this, it’s imperative for these firms to stay informed and adapt. They should invest in the right IT infrastructure, recruit skilled personnel, and collaborate with trusted external partners. Moreover, having efficient systems to address DDQs promptly and accurately is crucial. Ensuring they maintain robust cyber insurance policies is equally important. By proactively taking these measures, firms can not only ensure compliance but also effectively mitigate potential risks.

Understanding the evolving world of IT compliance for financial services firms is an ongoing conversation, not a one-time decision. Learn more about the compliance obstacles facing the financial services sector. Download Coretelligent’s complimentary whitepaper: How Financial Services Firms Can Manage Compliance.


The average cost of a data breach in 2022 in the U.S. reached a new all-time high of $9.44 million, according to IBM. With this continued rise in cybersecurity incidents, financial services firms are a popular target for cyberattacks.

However, obtaining cyber insurance can help mitigate these attacks’ financial burden. Now more than ever, financial services firms are strongly encouraged to get cyber insurance due to the intensifying threat landscape and increasingly complex requirements from regulatory bodies or authorities such as the SEC and FINRA.

Because of these developments, many businesses have turned to managed service providers (MSPs) for their expertise to manage cyber insurance compliance.


Cyber Insurance Compliance

What is Cyber Insurance Compliance?

Cyber insurance helps to mitigate or lessen the financial burdens from a data breach or other cybersecurity incident should your business fall victim. Still, as more and more companies file claims, the cost of cybersecurity insurance continues to rise. Premiums increased 79% in the second quarter of 2022 alone.

As the cost and frequency of cyberattacks increase, cyber insurance companies are forced to cover more payouts, which drives premiums up across the industry. Along with this premium increase, insurers also impose increasingly stringent minimum security requirements on applicants for cyber insurance coverage.

Previously many of these requirements were simple checkbox practices you could complete once and forget; now, insurance companies are shifting to an active monitoring approach. This includes conducting periodic scans of your cybersecurity systems to ensure you maintain the required standards for coverage. If your external cyber footprint strays from secure standards, you expose yourself to a risk of adjusted premiums or a complete loss of coverage.

Benefits of Partnering with an MSP

Because of this active monitoring approach, many financial services firms are partnering with the experts at an MSP for guidance on, and ongoing maintenance of, internal and external cybersecurity environments that meet the insurance requirements.

Partnering with an MSP can provide additional benefits to firms, too.

  • Access to industry expertise and knowledge

As with the financial services industry overall, there is no one-size-fits-all for insurance coverage. Internal and external security posture and cybersecurity practices play a big role in deciding required insurance minimums so working directly with an MSP can help you become a better candidate for cyber insurance coverage at a lower premium.

MSPs help ensure you have the proper cybersecurity and data protections before applying to improve your chances of approval for coverage. In fact, in many cases, an MSP has established relationships with preferred cyber insurance providers that benefit their clients.

  • Compliance as a Service and Cyber Insurance

With compliance as a service (CaaS) products, a Governance, Risk, and Compliance (GRC) platform is included with your service. This platform allows organizations to track, manage, and report on compliance related to industry-specific laws and data security standards. This is integral should you experience a data breach or other cyber incident.

When filing your claim, proof of the business’s compliance at the time of the incident is often required, or the claim will be denied; using a compliance as a service product makes obtaining this proof much more straightforward. Access to a GRC platform and assistance filing a claim from your MSP through these services saves you time when it matters most.

Streamlining the Requirements of Cyber Insurance

Gone are the days of simple checkbox requirements for obtaining cyber insurance. Companies must adhere to more stringent requirements in today’s market to obtain and maintain their policies. Working with an IT partner to gain cyber insurance coverage has many distinct advantages.

MSPs assist you during the application process and help secure lower premiums through vendor relationships. They ensure your company stays compliant with your policy and external regulations. If you face a data breach or attack, MSPs guide you in filling out claims forms. They also provide the necessary documentation to your provider when submitting your claim.

Next Steps

The cyber insurance market and models will continue to evolve. With compliance assurance and engineering excellence, the professionals at Coretelligent are helping financial services organizations find the path forward. A partnership with Coretelligent can help financial services firms establish themselves as insurance candidates, lower premiums, and mitigate overall risk.

Learn more about CoreComply, Coretelligent’s full compliance solution that streamlines and enables compliance, third-party risk management, DDQ, and cyber insurance audits.

What is cyber hygiene and cyber hygiene best practices?

What is Cyber Hygiene?

Cyber hygiene is the consistent implementation of cybersecurity best practices to ensure the security and proper handling of your networks and critical data. Coretelligent will be sharing information and resources to help you fortify your cyber hygiene and keep your business safe from threats.

7 Cyber Hygiene Best Practices

We have put together a list of cybersecurity tips as a quick introduction to encourage your team to assess your firm’s current readiness for a cyber attack.

  1. Double (or triple) up on login protection.

    Enable multi-factor authentication (MFA) across your organization for all accounts and devices to ensure that only authorized users gain access to your secure data. CISA’s Multi-Factor Authentication (MFA) How-to-Guide is a good resource for more information.

  2. Shake up your password protocol.

    According to the NIST guidance, users should consider using the longest password or passphrase permissible. Encourage end-users to switch up passwords across applications, accounts, and websites. Using unique, strong passwords can make it more difficult for cybercriminals to gain access and protect your organization in the event of a breach.

    A password manager and an online password generator can be used to generate and remember different, complex passwords. Another solution is to employ single sign-on (SSO) to control passwords centrally and avoid password sprawl across various platforms, which can lead to poor password choices, reuse, and insecure safekeeping.

  3. If you connect, you must protect.

    Whether it’s a laptop, smartphone, or another networked device, the best defense against viruses and malware is to update regularly, so that the latest patches are applied to your applications, browser, and operating systems.

    A plan that includes automatic security updates is a critical layer of security and part of a multi-layered defense strategy.

  4. Don’t get hooked.

    Cybercriminals use phishing tactics, hoping to fool their victims. So, if you’re unsure who an email is from (even if the details appear accurate), or if the email looks phishy, do not respond, and do not click on any attachments or suspicious links in emails.

    Instead, report the phishing attempt to help your IT team and email provider block other suspicious fake emails before they arrive in your inbox. In addition, the use of random phishing simulations is a valuable exercise to help end-users spot phishing attempts.

  5. Beware of social engineering traps.

    Many people don’t realize that many of the posts seen on social media asking for seemingly random details are created by criminal networks. They use these posts to gather data that can be mined for potential passwords and other secure information.

    For example, posts like, “What car do you wish you still had?” or “Tag your childhood best friend” can be used to help criminals work out the answers to your security questions.

    Not only can these tactics expose personal data, they are also used to target employees in order to gain access to corporate networks. Read CISA’s Social Media Cybersecurity Tip Sheet for more information about good social media and cybersecurity practices.

  6. Don’t forget about mobile.

    Most connected Internet of Things devices are managed through mobile applications. Mobile devices are often filled with suspicious apps running in the background, or apps using default permissions users never realized they approved, which gather personal information and login credentials without the user being aware.

    A robust cybersecurity posture should include a plan for protecting data from employees using compromised mobile devices to access corporate networks.

  7. Stay protected while connected.

    Using a Virtual Private Network (VPN) for employees connecting remotely is the best way to protect networks. A VPN creates a secure connection that encrypts information so that it is hidden as it travels, which makes it harder for attackers to see and access data.

    VPNs are essential when accessing sensitive data such as personally identifiable information (for example, social security numbers) or protected health information, especially when using public wi-fi networks. In today’s hybrid workplace, VPNs are a must to protect against suspicious activity.

From a phishing attack to a ransomware attack, cyber threats are constantly evolving. If you are unsure whether your firm employs good cybersecurity hygiene best practices or not, then it may be time for a security check-up.

Remember, cybercriminals will use any security vulnerabilities they can find to gain access and steal data. You can start with these cybersecurity tips and move on to using our free Cybersecurity Checklist to review your security measures.


Coretelligent is here to help with advice from our cybersecurity experts. Protect your business and learn more about our enhanced managed cybersecurity services designed specifically for small-to-mid-sized companies. Reduce your risk from security incidents – contact us today for help responding to your cybersecurity gaps.

Lessons Learned from Data Breaches

Humans tend to move on to the next big thing quickly, and with rapidly changing security and regulatory environments, CISOs are no different. We all face new challenges daily, but as we focus on the latest priority in front of us, we must also remember to look back and revisit previous events to ensure we’re practicing hard lessons learned.

Thousands of hacks and data breaches have been reported this year, with victims ranging from public and private companies to local governments and school districts. However, several breaches stand out to me, and now that the dust has settled on them, I think they warrant a deeper dive to uncover what lessons can be gleaned from them.

In this post, I’ll share the story of three data breaches and highlight the salient details you need to know to protect your organization in this age of cybercrime.

Three Significant Data Breaches in 2022

  1. The Okta Breach

Okta works with several partners to help manage its enterprise. Hackers targeted an employee of one of these partners, the Sitel Group, who had privileged access to provide customer service to Okta clients and data. That account was empowered to reset passwords and reset multifactor authentication.

The Sitel Group serves many more customers than Okta. To perform their jobs, support staff often need administrative privileges in their customer’s environment. The attack highlights the increased risk of outsourcing access to your organization’s internal environment.

  2. The Microsoft Breach

In March, Microsoft revealed that an employee account was compromised, which granted hackers “limited access” to Microsoft’s systems and allowed the theft of the company’s source code. Microsoft referenced the hackers’ use of “social engineering and identity-centric tactics” in a blog post detailing the breach. This attack illustrates why training employees about phishing and other social engineering tactics is so important.

  3. The Nvidia Breach

Nvidia, one of the world’s largest graphics processing unit (GPU) manufacturers, was breached in a cyberattack that resulted in the theft and release of over a terabyte of proprietary data and over 71,000 employee credentials. In a statement after the breach, an Nvidia spokesperson did not disclose how hackers were able to gain access, only referring to the attack as a “cybersecurity incident,” but a well-known hacking group quickly took credit for the attack.

What Do These Attacks Have in Common?

It is no coincidence that I am looking back at these three cyber events. The hacks were all claimed by a hacking group known as the Lapsus$ group. Lapsus$ claimed responsibility for the Okta breach, the Microsoft breach, and the breach of Nvidia, among other high-profile targets. The most surprising piece of information about that group is it’s allegedly run by a group of teenagers.

Lessons to be Learned from Teenagers?

The tactics used by the Lapsus$ group are wholly unsophisticated but have still proven time and time again to be effective. The good news is that because their tactics are easily thwarted, organizations have plenty of opportunities to avoid getting hacked by following best practices.

  • Lesson #1: Lapsus$ primarily relied on social engineering schemes to gain access to a target directly or to seek access via an organization’s supply chain or service providers. The group claimed that its goal was financial and that it had no political agenda; however, its chaotic approach caused just as much destruction in its pursuit of exploiting data.
  • Lesson #2: The Lapsus$ group’s attacks should be a reminder that even the most robust cyber defenses can be circumvented if attackers exploit weak links in the chain. These weak links can be found in both the technical and human domains, but the likeliest way for hackers to gain access is via end-users. As a result, organizations need to be vigilant in educating employees about cyber threats and how to identify and avoid them.
  • Lesson #3: Third-party risk management is also critical in protecting against the type of supply chain attack used against Okta. Companies need to vet their service providers and have security protocols in place to prevent attackers from exploiting these relationships to gain access to sensitive data.
  • Lesson #4: Additionally, the Lapsus$ group’s attacks show that even small groups of relatively primitive attackers can cause much damage. This fact should be a reminder that organizations must be prepared for all threats, not just those from well-funded and well-developed cybercriminals.

It is important to remember that breaches can and will happen, whether perpetrated by Lapsus$ or other sources, and your company’s response can make all the difference in whether it will survive unscathed. The risk of lost revenue, fines and penalties, and reputational damage require that your company set and follow disaster response and recovery plans.

Reduce Your Risk from Data Breaches?

There are a variety of actions your firm can take to reduce your risk of being hacked, but here are a few key points to keep in mind:

  • Employ multifactor authentication.
  • Review all critical users’ access levels.
  • Perform due diligence for service providers and third-party vendors.
  • Conduct tabletop exercises to identify possible gaps in controls and training. For example, if an internal employee shared their credentials with an attacker, how could you tell?
  • Take care of your employees. Disgruntled employees are more susceptible to bribes.
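One way to answer that tabletop question with detection logic, shown here as an added example rather than Coretelligent’s code: the log format, the sample lines and the one-hour window are constructed assumptions, so map the fields to your own identity provider or VPN logs.

```python
"""Detect signs that one account is being used by two people at once.

Added example for the tabletop question: if an insider shared their
credentials with an attacker, how could you tell? One observable signal
is the same account logging in successfully from two different places
closer together in time than a single person could travel.
The log format and sample lines below are constructed for this example.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed log format: ISO timestamp, user, source IP, coarse geo label,
# and whether the authentication succeeded.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) ip=(?P<ip>\S+) geo=(?P<geo>\S+) "
    r"result=(?P<result>\S+)$"
)

# Constructed sample: alice logs in from two countries 12 minutes apart,
# bob logs in twice from the same office network, carol fails then succeeds.
SAMPLE_LOG = """\
2022-03-21T08:02:11 user=alice ip=203.0.113.7 geo=US-MA result=success
2022-03-21T08:14:40 user=alice ip=198.51.100.23 geo=BR-SP result=success
2022-03-21T08:20:05 user=bob ip=192.0.2.10 geo=US-MA result=success
2022-03-21T09:05:30 user=bob ip=192.0.2.11 geo=US-MA result=success
2022-03-21T09:10:00 user=carol ip=192.0.2.12 geo=US-MA result=failure
2022-03-21T09:10:45 user=carol ip=192.0.2.12 geo=US-MA result=success
"""


def parse_log(text):
    """Parse log lines into dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return events


def find_shared_credential_signals(events, window=timedelta(hours=1)):
    """Flag accounts with consecutive successful logins from different
    geo labels within `window` of each other (assumed one hour).
    Failed attempts are ignored: only a success proves the credential
    was actually usable from that location."""
    by_user = defaultdict(list)
    for ev in events:
        if ev["result"] == "success":
            by_user[ev["user"]].append(ev)
    alerts = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: e["ts"])
        for prev, cur in zip(evs, evs[1:]):
            gap = cur["ts"] - prev["ts"]
            if cur["geo"] != prev["geo"] and gap <= window:
                alerts.append({
                    "user": user,
                    "first": (prev["ip"], prev["geo"], prev["ts"].isoformat()),
                    "second": (cur["ip"], cur["geo"], cur["ts"].isoformat()),
                    "gap_minutes": round(gap.total_seconds() / 60),
                })
    return alerts


if __name__ == "__main__":
    for a in find_shared_credential_signals(parse_log(SAMPLE_LOG)):
        print(f"ALERT {a['user']}: {a['first']} then {a['second']} "
              f"({a['gap_minutes']} min apart)")
```

A real deployment would feed the same check from the identity provider’s sign-in events and would also look at privileged actions such as password or MFA resets performed by support accounts, as in the Okta incident described above.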

Next Steps

Lapsus$’s attacks are a reminder that cyber defenses can be circumvented if attackers can exploit the weakest links in the chain. The best defense is to employ a multilayered cybersecurity solution that includes end-user training, comprehensive security policies and protocols, incident response planning, regular security audits, and more.

In today’s digital world, data is the new currency. And like any other type of currency, it needs to be protected from those who would exploit it. Unfortunately, the Lapsus$ group is just one example of the many cyber criminals out there looking to profit from the data of others.

Whether you work with an internal team or outsource your IT functions, employing robust cybersecurity solutions and regularly reviewing them against your risk profile is critical. Reach out to our security professionals for help evaluating your cybersecurity program to find gaps and areas that need improvement. Implementing security controls is not “set it and forget it” but must routinely be assessed to match the needs of your business and the external challenges of today’s cyber landscape.


About Jason

Jason Martino is passionate about the intersection of security and compliance. He is responsible for Coretelligent’s internal cybersecurity programs, governance, risk, compliance activities, and educating staff and customers on an ever-evolving threat landscape.