He also points to the impact of ransomware breaches on reputation. “North American financial institutions have held very strong during the pandemic,” he says. “They have been supporting the economy in whatever way possible. There’s a huge reputational impact if ransomware prevents clients from getting stimulus or support funds.”
Banks Must Conduct Cybersecurity Assessments
To reduce the risk of ransomware, Johar points to the benefits of a multifold approach capable of identifying and addressing key threats.
While many banks already have dedicated teams in place to monitor cybersecurity threats 24/7, embedded artificial intelligence and machine learning tools are increasingly critical to capture threat data before key systems are compromised.
“Employee awareness also plays a huge role,” he says. “Banks need to train employees about what could go wrong and what threats look like. They also need to address lateral threat movement with the deployment of microsegmentation tools that offer granular control.”
Along with internal oversight, banks can benefit from robust third-party threat assessments to ensure they’re targeting critical concerns and making the best use of security resources.
Best Practices for Banks’ Data Backups
If ransomware attacks are successful in compromising bank networks, the right backup strategy is critical to minimize operational disruption.
“Traditionally, banks have done a good job with backups,” says Johar, “but today’s ransomware has significantly increased their importance. While banks have always maintained redundant systems, they now need real-time data backups to make on-demand switching possible.”
While the cloud is often tapped for this backup process, Johar says banks must identify which data needs to make the move to the cloud and which is better kept close to home on core systems. “Ask yourself what is going to the cloud and what needs to go to the cloud. Make sure you have a clear understanding of where original data — and its copies — are stored.”
For cloud backups, Johar’s advice is simple: “Don’t give up the keys to the kingdom.” Banks must make sure that access and actions are strictly controlled to reduce the risk of compromise and limit the need for backup failover.
When it comes to defending critical financial assets against ransomware, Johar argues for a multilayer approach that provides complete visibility of assets, access and actions.
“Trust nothing,” he says. “Check everything.”