Article
Cyber Security

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

By Kristian McCann
December 07, 2024
undefined mins
Share
The cybersphere dictates financial services sector must remain agile and proactive. PICTURE: Getty
FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

In an era where the financial services sector faces increasingly sophisticated cyber threats, a robust cybersecurity framework has become paramount. 

With complex supply chains, rapid advancements in technology, and persistent threats from bad actors, financial institutions must navigate an intricate landscape of risks.

Thus, understanding the evolving threat landscape and adopting best practices are crucial for building cyber resilience

To delve deeper into the challenges and opportunities in this space, we spoke with JD Denning, CISO at FS-ISAC.

JD Denning FS-ISAC

Fundamentals of a strong network

A strong cybersecurity framework begins with a comprehensive understanding of one’s system. 

JD explains, “Things change, and teams don’t always keep track of hardware, software, and apps attached to their networks on-prem, remotely, or in the cloud. Companies need to take the proper steps to tighten firewalls and enhance security measures because the threat landscape is always evolving.”

This underscores the importance of continuous monitoring and updating of security measures. 

Many organisations mistakenly assume that once systems are set up, they remain static. 

However, as JD highlights, evolving threats require consistent vigilance. For in-house apps, having control over the software development lifecycle (SDLC) ensures higher security, particularly for coding, data storage, and authentication protocols.

Emerging risks and strategies

Financial institutions are grappling with multifaceted risks, ranging from third-party vulnerabilities to the ethical usage of AI. 

“Service and third-party providers are a major threat aspect... An attack on a supply chain can disrupt different levels within systems like a ripple effect.” 

Such ripple effects can compromise not only the attacked organisation but also its partners and customers.

To mitigate these risks, JD emphasises the importance of information sharing. 

“Information sharing and community engagement are key aspects of preventing further implications during an active attack.” 

Networks like FS-ISAC foster collaboration and provide real-time insights, enabling firms to stay ahead of emerging threats.

The rapid rise of AI also presents a double-edged sword. While it offers transformative potential, it exposes organisations to sophisticated attacks. 

“Our AI Risk Working Group researched all the threats and opportunities of AI... and released findings ranging from highly technical attacks to ethical usage concerns.” 

This proactive approach ensures firms can harness AI responsibly while preparing for its challenges.

Fostering a culture of cybersecurity

A robust cybersecurity strategy extends beyond technology; it must be ingrained in organisational culture. 

JD highlights, “Even the most advanced cybersecurity strategy can falter if an organisation does not foster a culture that ingrains cybersecurity into its DNA. Security is a collective responsibility.”

This culture shift requires ongoing education and awareness. Simple yet effective practices, such as regular training sessions, multi-factor authentication (MFA), and data encryption, can significantly enhance resilience. 

Additionally, conducting regular penetration testing and refining incident response protocols ensures that teams are prepared for potential breaches.

Finally, JD emphasises the interconnected nature of the financial ecosystem. “The interconnectedness of the financial system means that when one party is impacted, it reverberates across the industry.”

By participating in information-sharing networks like FS-ISAC, firms can strengthen collective defences and maintain the trust of consumers and stakeholders alike.

Forward with secure finance

As cyber threats continue to evolve, the financial services sector must remain agile and proactive. 

A combination of robust technical measures, a culture of shared responsibility, and collaboration can empower organisations to build resilience and maintain customer trust. 

The path to a secure and sustainable financial ecosystem is available, enterprises just need the strategies to sieze it.

Explore the latest edition of Cyber Magazine  and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today. 

Cyber Magazine is a BizClik brand

FS-ISACFinancial SecurityCyber for Finance
Share
Latest

Digital Magazine

Read Now
Read the latest Digital Magazine today!

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

Darktrace Reports 692% Surge in Black Friday Cyber Scams

AI cybersecurity firm Darktrace reveals increase in brand impersonation attacks targeting retailers, with holiday-themed phishing attacks rising 327%

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security

SAVE THE DATE – Cyber LIVE London 2025

Cyber Security