As you have likely been following the Russia-Ukraine tensions, European and U.S. regulators are now actively warning banks to prepare for potential Russian cyberattacks.
Specifically, the New York Department of Financial Services, issued an alert at the end of last month warning banks that they could face cyberattacks from Russia, if the U.S. imposes sanctions over a potential Ukraine invasion.
“Nation-state cyberattacks are the next frontier of warfare, and we have seen some highly sophisticated nation-state attacks in the recent past. This has a direct impact on the economy, and more often than not, is targeted at critical infrastructure including financial services, healthcare, and more. Businesses in the financial services sector store, manage, and analyze a lot of individuals, business, and government data and as a result of this, has been one of the most targeted by cybercriminals.
Cyber attacks are continually on the rise in frequency, sophistication, and expense; it’s not a matter of if, but when, a cyber-attack will impact your company. Traditional methods of managing cyber risk, however, are siloed and reactive: a firewall tells you only about network security, antivirus products tell you only about endpoint security, and a SOC alerts you to a cyber incident only after it has occurred.
Organizations in the financial services industry need to adopt a proactive risk management strategy to better understand their cyber risks across people, processes, technology, and third parties, as well as the potential financial value of that risk in case a data breach occurs.”