High profile cybercrimes are dominating the headlines this year: the Equifax breach, WannaCry, Petya, etc. The frightening diversity and sophistication of these immense cyberattacks have left pressing questions on how best to quell them. But where do financial institutions even begin? The relentlessness of ransomware, the diligence of DDoS and the frequency of fraud are enough to leave even the most seasoned cybersecurity professionals cross-eyed.
Though the list of adversaries is daunting, there’s no need to be overwhelmed. The best place to start is with one simple question: is your institution’s firewall security up to snuff?
The Firewall Fundamentals
A firewall is one of the most basic, yet essential, cyber deterrent available to financial institutions. Firewalls act as a gatekeeper for your network, protecting it from the outside global network by inspecting all inbound or outbound traffic and determining if it meets the criteria to pass through. Without a firewall to protect your network, any hacker could easily breach your network and cause havoc. Likewise, a misconfigured or out-of-date firewall provides little protection.
In 2011, the FFIEC issued its Cybersecurity Assessment Tool, or CAT, which details financial institutions’ regulatory requirements for maintaining firewalls. Understanding the tremendous risk that follows a poor firewall architecture, the FFIEC also mandated that financial institutions be subject to quarterly audits of their firewall security protocols.
These regulatory requirements, coupled with the threat of looming cybercrime, have forced the hands of many banks and credit unions across the country. Now, more than ever, financial institutions must look at their firewall security efforts and ensure they are not only compliant, but also risk adverse. Here are a few suggestions to accomplishing both.
- Get in the mindset of a cybercriminal. Ask the question: is our firewall hackable? Answer that question by actively attempting to bypass your firewall, or incorporate the services of a firewall security vendor to weed out any vulnerabilities. Once you’ve identified these vulnerabilities, or “holes,” patch them to ensure cybercriminals don’t have access.
- Review password credentials. Passwords are an important element for keeping your institution’s data secure. Ensure that all employees with rights to sensitive data have complex passwords that have the appropriate length and strength.
- Verify your rule efficiency. Firewalls operate on a set of rules that allow certain traffic in and out of your network. Make sure this ruleset is updated regularly, accounting for new threats, and that all current rules are still efficient and relevant. Often breaches result from old configuration no longer applicable or relevant at the time of the breach.
- Proactively monitor your security. Deploying a firewall and ensuring it remains current with regular vulnerability checkups and firewall reviews are important. Take it a step further by proactively monitoring firewall events. This gives you a fighting chance of knowing when attacks are happening and if a breach occurred so proper steps can be taken.
Keep Your Firewall Updated
Remember, the FFIEC requires quarterly audits to review your institution’s firewall security. However, sticking to the bare minimum of these requirements exponentially increases both your risk and vulnerability, putting your institution at the mercy of cybercriminals eager to steal passwords, customer data and even funds.
Therefore, it is imperative that you keep your institution’s firewall security top of mind. Ensure that your institution has adequate firewall security and meets regulatory guidelines with a firewall review and audit. Doing so allows you to discover and address any vulnerabilities before regulators and—more importantly—cybercriminals do.
Shawn Eftink is a product manager for CSI's Managed Services Division. He has more than 20 years of industry experience and holds professional certifications including ITIL, CSM, CCDA and CCNA.