Blog LBMC

Print Divider Print Divider Branding
 

Four Things Financial Institutions Need To Protect Against Security Threats

09/06/2017  |  By: Jason Riddle, CISSP, President, Information Security

Share

Social Logo Social Logo Social Logo Social Logo

There are several things financial institutions need to do in order to protect their data. Anymore, it's more a matter of when than if. Therefore, it's important to have a plan.

Have a Good Inventory of Sensitive Information

Banks and other financial institutions need to understand what sensitive information they have. Sometimes things like intellectual property don’t come to mind, but need to be taken into account.

Understand the Most Likely Threats

On top of knowing what sensitive material banks have on file, you need to understand the risks associated with them and what the most likely threats will be. In the form of banks those likely will be targeted toward access into financial accounts.

Implement a Monitoring System

What we’re seeing over and over again, hackers are ultimately able to succeed with one of their attacks. Monitoring and identifying when systems are attacked is crucial.

Generating a Response Plan

While companies can put processes in place to prevent breaches, it is important to have a response plan ready just in case. Even for smaller institutions, it’s fairly achievable.

We work with several banks at LBMC. They have the preventable controls, but where they have the ability to improve is the operations and the response to when it does happen. This is going to continue to happen and it’s critical to have a good response plan in the likelihood this actually happens.

Jason Riddle is practice leader at LBMC Information Security where he helps defend his clients’ networks. He has more than 15 years of experience working both as a consultant, advising commercial and government clients, and as a corporate information security officer for a financial services organization. His core areas of expertise are technology infrastructure, security and compliance, electronic payments, and developing processes to defend networks and systems against today’s advanced threats.

Originally posted in the Nashville Business Journal