A multi-part series covering the ongoing adaptation of entities to the realities of criminal enterprises profiting from the theft of digital assets with a focus on cybersecurity for Asset management firms.
A Brief History of Cybersecurity in the Asset Management Industry and Financial Sector
Let’s begin with how we got here, with a look at a few startling statistics on the state of global cybercrime.
In the late 1960s, as the modern Internet was born, the main idea and priority was to create a nationwide network within the United States to ensure that critical information (i.e., military, in the event of local war) could be transmitted by the government. The framework for networking at the time was based on the CIA triangle of Confidentiality, Accessibility, and Integrity. Initial efforts, as we know far too well today, provided significant priority to Accessibility.
While Accessibility flourished, the Internet’s global explosion hindered both Confidentiality and Integrity from doing the same. The exponential growth in use and size has made the Internet an ever-growing global data repository of every imaginable data set, including digital assets.
Cyberattacks on Financial Services
These digital assets and the businesses that manage them are now under constant cyberattack. Estimates, as outlined in the “FBI Internet Crime Complaint Center 2020 Internet Crime Report” of reported attacks, were growing by 70%, year over year. Reported financial losses globally exceeded $4.2 billion, an increase of 20%, year over year.
Many firms have, or are in the process of, migrating to Software-as-a-Service (SAAS) or Platform-as-a-Service (PASS) solutions. These cloud-based solutions and services have led to a considerable outsourcing of data ownership. Outsourcing potentially opens the door to less controlled and less visible data ownership risk profiles.
Just how common are cyber-attack incidents such as data breaches, ransomware, spoofing, phishing, botnets, identity theft and wire fraud? Some numbers collated by Accenture in their State of Cyber Resilience 2021 are quite telling.
- Cyber-attacks are up 31%: There were on average 270 attacks per company over the past year, a 31% increase over 2020. Third-party risk continues to dominate, with successful breaches to the organization through the supply chain increasing from 44% to 61%.
- 33% of attacks will succeed: The share of attacks that will create downtime or service interruptions or data destruction.
- 50% of attacks take months to detect
- 10% of effective attacks: In the past year 10% of all attacks gained access to an environment.
Cybercrime in Asset Management
The RSM US Middle Market Business Index Cybersecurity Special Report 2021, provides mid-market asset management data that confirms the global state of cybercrime, describing asset managers as rich targets.
So the table is set, asset managers with valuable client information, proprietary operational data, and frequent money transfers and transactions, are a very desirable target of cybercriminals. An added threat is the reputational damage that a successful attack can have on an asset manager. Asset management businesses exist on a critical structure of trust. A successful cyberattack can erode that client-manager trust significantly. Software service providers such as Tier1 Financial solutions understand this reputational risk as it is similarly unique to our business model’s risk.
Can the Right Software Strengthen Asset Management Cybersecurity?
Here at Satuit Technologies our IT/Ops and Infosec teams continuously adapt our current defense-in-depth architecture, as we migrate to one of zero-trust to ensure both our business enterprise and our CRM services protect data with the highest standards, for all client and customer data.
Software Features for Asset Management Cybersecurity
A few of our base efforts and security controls focusing on prevention are:
- Selection, review, and continuous monitoring of strategic service partners, such as Microsoft, Salesforce, Cloudflare, Crowdstrike, and Darktrace. Whether these partners house, secure or transport our and our client’s data, our organization holds our partners to our, and our clients’ regulatory and security standards. Our administrative and security teams understand our obligation, as consumers of the providers’ services, of the shared security responsibilities of each party. Audits, both informal and formal, identify any issues and generate ongoing action plans to mitigate any security gaps.
- Firewalls, web filtering, and cloud application security broker (CASB). Firewalls protect against unauthorized users and applications entering networks and endpoints, while web filtering prevents users from accessing prohibited high-risk or malicious external websites. Cloud application security brokers prevent users from accessing and utilizing high-risk or malicious web applications while protecting sensitive content from being shared externally.
- Least-privilege model/role-based access control. The least-privilege model gives a user identity or process only to explicit privileges that are essential to perform its intended function, which helps to minimize potential access points for malware and hackers.
- Testing for internal and external “breach ability.” Our teams conduct systematic periodic tests of our cyber-security controls. This includes hiring third-party service providers to try to break into systems and prohibiting networks from internal and external perspectives. These efforts are ongoing as the days of the annual penetration test are becoming obsolete, as a more robust systematic and on-demand penetration test increases in importance.
- Detection and monitoring solutions. We use solutions that effectively detect abnormal user behavior and alert of an intruder or when coming across recognized code from known malware. These solutions include intrusion detection/prevention software, endpoint detection and response (EDR), and modern security information and event management (SIEM).
- Endpoint encryption. This critical security control protects our firms’ devices, data, and communications. In the event a device is lost or stolen, encryption will prevent the data and applications from being compromised.
Dealing With Human Error in Cybersecurity
It is increasingly becoming more and more apparent that the current tactics of today’s cybercriminals are evolving. Confronted with the expense and complexity of compromising an effectively secured resource utilizing an architecture of defense-in-depth or zero-trust, cybercriminals now finding their preferred, most efficient target to be the human operating these systems. Technological solutions of cyber defense today are motivating the cybercriminal organization to attack the user to open the target organization’s security door.
View a recent blog on asset management operational risks, and how such things as email phishing are a top source of identity compromise and breach. There are certain steps that your organization, must enable to ensure improvements in cyber hygiene and to make cybersecurity a cornerstone of your organization.
- Use a password manager. Today’s individual and enterprise password managers provide a low-cost, efficient tool for managing the multitude of passwords required for secure access to sites and resources across the web. Tools such as LastPass, Dashlane, and 1Password allow for the creation, storage, and auto form fill of complex, unique, and strong passwords. Most of these tools now monitor for compromised passwords on the Darkweb, providing your firm with numerous other security features.
- Don’t store passwords in your browser. Modern browsers provide an ever-growing list of features, least of which are enhanced security features such as password creation, storage, and autofill options. These features, similar in breadth and scope to those in a dedicated password manager, turn your browser into a prime target for both physical compromise and browsing compromise. Today’s chrome-based browsers are not necessarily up to the task of securing the cache of your links to financial, health or any other information you consider necessarily secured.
- Require multi-factor authentication (MFA). MFA is a straightforward control that guards against unauthorized access by ensuring a multi-step login process to access key business applications, network files and folders, and email. Our policies require MFA for on-premises networks, cloud solutions, and external-facing applications regardless of whether users are physically in the office or not. Tier1 solutions provide MFA and we recommend and would like to insist that every client take full advantage of this additional layer of securing ones access identity.
Selecting the Right Asset Management Software
At Satuit Technologies we have a suite of software products designed by and made for, asset management professionals. These include CRM solutions, a secure investor portal, a client report automation tool, and secure data exchange platform.
Our software is designed to streamline daily operations in your firm so you can service your clients with ease. Contact us today to learn more about how our software can benefit your firm and enhance cybersecurity in asset management.