HEIGHTENED GEOPOLITICAL TENSIONS DRIVE CYBERSECURITY ALERTS FOR THE LIFE INSURANCE INDUSTRY
Originally posted at NAIFA AdvisorToday.
We are increasingly aware of the importance of staying secure in a world where cyber threats increase day by day. Heightened awareness around the Ukraine-Russia geopolitical tensions has taken cybersecurity to the next level. There are alerts and notices coming across multiple sources from regulatory bodies to industry-specific regulators, government agencies, consulting firms, and more. Samples include White House Cybersecurity Briefing, CISA (Cybersecurity & Infrastructure Security Agency), NYDFS, the Department of Homeland Security (DHS) Cybersecurity Intelligence Warning, and Accenture’s Cyber Threat Intelligence group.
Alongside these continued tensions between Russia and Ukraine is the potential for increased cyber threat activity. With military attacks, we should assume there will be accompanying cyber attacks.
The message across all entities remains consistent: For enterprises and agencies, additional security governance, guidance, and checklist are important to validate cybersecurity measures are in place. Risk and damage can range from destructive malware on systems that could result in harm to critical functions to website defacement and further damage to critical infrastructure. Proactive cybersecurity protection becomes not a nice-to-have but a requirement to detect and mitigate future threats.
Brian Edelman is CEO and Cyber Expert at FCI, an MSSP dedicated to Financial Services Cybersecurity. He recommends 9 Critical Controls to review that come directly from the alerts:
- Email filtering, cybersecurity awareness training, and phishing campaigns
- Security patches, security assessments, and mass vulnerability response
- Multi-factor authentication (MFA) for all systems and networks
- Remote access disabled unless with MFA
- Password management software with strong, complex, and unique passwords
- Least privilege access rights and controls management and review
- Endpoint Detection & Response (EDR) and Security Incident & Event Management (SIEM)
- Segregated backups and backup recovery tests
- Incident Response Plan and Test with Senior Management
Brian further states, “NYDFS did a great job of laying out Ransomware Guidance in June 2021 ahead of this news tying it to regulatory policies that apply across areas like vulnerability/patch management, password management, privileged access management, monitoring and response, and more.”
On January 15, 2022, Microsoft published a blog stating it has identified a destructive malware disguised as ransomware dubbed, ‘Disk Wiper / WhisperGate’ targeting several organizations in Ukraine that can migrate to other territories quickly. These are the types of things we have to watch out for in our industry.
As regulations increase due to managing ongoing threats, having teams and experts on your side who understand the nuances and differences between a cyber incident and breach and how to report them becomes important for managing reputational and financial risk.
Financial institutions will need to establish priorities for implementing steps to address current threats and future moving targets as new threats arise. Whether it’s continued employee awareness and training, vulnerability testing, ongoing security assessments and policy management, or implementation of the right controls and tools related to policy enforcement–the reality is that cybersecurity has become a prime-time, full-time, business-critical function.