CSTI
    vulnerabilityThe Commercial Era (2010-2019) Daily Briefing

    Cybersecurity Briefing: FINRA Report Highlights Key Risks in Finance Sector

    Thursday, December 20, 2018

    This morning, the Financial Industry Regulatory Authority (FINRA) releases a comprehensive report detailing effective cybersecurity practices and the common risks observed in recent examinations of financial firms. The report serves as a timely reminder of the persistent vulnerabilities in the finance sector, especially as 2018 comes to a close with numerous high-profile breaches.

    Key findings from the report emphasize the importance of rigorous branch controls. FINRA stresses that financial institutions must establish robust cybersecurity policies and procedures, including well-defined incident response plans and effective third-party risk management. These measures are critical as third-party services often introduce additional vulnerabilities.

    The report also discusses the growing threat of phishing attacks, highlighting various tactics employed by cybercriminals. To counteract these threats, FINRA recommends specific controls, including employee training and multi-factor authentication, to bolster defenses against these pervasive attacks.

    Another significant area of concern identified is the insider threat. The report underscores the risks posed by authorized personnel, which are often overlooked in favor of external threats. It advocates for enhanced identity and access management practices to minimize the potential for malicious actions from within the organization.

    In addition, the necessity of regular penetration testing is highlighted to identify and mitigate vulnerabilities before they can be exploited. This proactive approach is essential for maintaining a resilient security posture.

    Furthermore, the report addresses mobile device security, noting the increased risks associated with the proliferation of mobile technology in the workplace. FINRA advises financial firms to implement stringent security measures for mobile devices, recognizing their critical role in everyday operations and the corresponding risks they introduce.

    Overnight, discussions in the cybersecurity community reflect upon the broader trends observed throughout 2018, where numerous data breaches have affected major companies such as Marriott and Facebook. These incidents underscore the ongoing challenges in securing digital infrastructures against evolving threats.

    As we examine these developments, it becomes clear that the financial sector must continually adapt and enhance its cybersecurity strategies. The FINRA report serves as a vital resource for institutions seeking to fortify their defenses against an increasingly complex threat landscape. The implications of these findings extend beyond finance; they resonate across various sectors as organizations grapple with similar vulnerabilities and the urgent need for comprehensive cybersecurity measures.

    Sources

    FINRA cybersecurity financial sector phishing insider threat