New York state has released a cyber
\nsecurity report that shows the growing
\nrisk and sophistication of cyber attacks
\nfacing New York banks, and directed the
\nDepartment of Financial Services (DFS)
\nto conduct new, regular, targeted cyber
\nsecurity preparedness assessments of the
\nbanks DFS regulates.<\/p>\n
“With today’s growing cyber threats we
\nneed to make sure New Yorkers’ finances
\nare protected from online predators,” Gov.
\nAndrew Cuomo said. “Targeted cyber security
\nassessments for banks will better safeguard
\nfinancial institutions from attacks
\nand secure personal bank records from being
\nbreached. When consumers sign up for
\nonline banking they expect their personal
\ninformation to be secure and we are working
\nto make sure financial institutions take
\nthe proper precautions to safeguard it.”<\/p>\n
Superintendent of Financial Services
\nBenjamin M. Lawsky said, “The fact that
\nso much of our financial lives are spent
\nonline makes banks increasingly tempting
\ntargets for cyber attacks. Hackers spend
\nday and night trying to think up new ways
\nto steal consumers’ personal information
\nand disrupt our nation’s financial markets,
\nand it’s more important than ever that we
\nrise to meet that challenge.”<\/p>\n
The cyber security report released May
\n6 is the product of an extensive, year-long
\nsurvey that DFS conducted of 154 banks
\nit regulates, state officials said. The most
\nfrequent challenge to building an adequate
\ncyber security program, cited by banks,
\nincluded the increasing sophistication of
\nthreats (71 percent) and emerging technologies
\n(53 percent).<\/p>\n
The report said most institutions experienced
\nintrusions or attempted intrusions
\ninto their IT systems over the past three
\nyears. The methods used to penetrate IT
\nsystems ranged widely, with institutions
\nreporting incidents involving malicious
\nsoftware (malware) (22 percent), phishing
\n(21 percent), pharming (7 percent), and
\nbotnets or zombies (7 percent).<\/p>\n
The most frequent types of wrongful
\nactivity resulting from a cyber intrusion
\nreported by institutions were account
\ntakeovers (46 percent), identity theft (18
\npercent), telecommunication network disruptions
\n(15 percent), and data integrity
\nbreaches (9.3 percent).<\/p>\n
The report said third-party payment processor
\nbreaches were also reported by 18 percent
\nand 15 percent of small and large institutions,
\nrespectively. Large institutions also cited mobile
\nbanking exploitation (15 percent), ATM
\nskimming\/point-of-sale schemes (23 percent),
\nand insider access breaches (8 percent).<\/p>\n
The report also found that the vast
\nmajority of banks – large and small – are
\nplanning to ramp up their cyber security
\nspending in the coming years, which could
\nrepresent a key opportunity for job growth
\nand economic development in New York.
\nMore than three-quarters (77 percent)
\nof all institutions experienced an increase
\nin their total information security budget
\nin the past three years, with most of the
\nremaining institutions (18 percent) reporting
\nthat information security budgets have
\nremained the same. Almost no institutions
\nreported a decrease in spending in the past
\nthree years, according to the report.<\/p>\n
The vast majority of institutions–approximately
\n79 percent industry-wide–reported
\nthat information security budgets were
\nexpected to increase in the next three years.<\/p>\n
The report also outlines several measures
\nDFS will implement to help improve cyber
\nsecurity at New York banks. These measures
\ninclude a new targeted assessment of each
\nbank’s cyber security preparedness – as part of
\nthe regular DFS examination process – to help
\ndrive a strong, consistent focus on that issue.<\/p>\n
The revised examination procedures will
\ninclude additional questions in the areas of
\nIT management and governance, incident
\nresponse and event management, access
\ncontrols, network security, vendor management,
\nand disaster recovery.<\/p>\n
The revised procedures are intended to
\ntake a holistic view of an institution’s cyber
\nreadiness and will be tailored to reflect
\neach institution’s unique risk profile. DFS
\nwill release additional details about the
\ntiming and content of these examination
\nprocedures in the coming weeks.<\/p>\n
DFS has also recommended that all New
\nYork state-chartered depository institutions,
\nirrespective of size, become members
\nof the Financial Services-Information Sharing
\nand Analysis Center (FS-ISAC ).<\/p>\n
Members receive timely notification
\nand authoritative information specifically
\ndesigned to help protect critical systems
\nand assets from physical and cyber security
\nthreats. In fact, both the U.S. Department
\nof Treasury and the U.S. Department of
\nHomeland Security rely on the FS-ISAC
\nto disseminate critical information to the
\nfinancial services sector in times of crisis.<\/p>\n
In addition, the FS-ISAC provides an anonymous
\ninformation-sharing capability across
\nthe entire financial services industry that
\nenables institutions to exchange information
\nregarding physical and cyber security threats,
\nas well as vulnerabilities, incidents, and
\npotential protective measures and practices.<\/p>\n
Last year, Cuomo formed a Cyber Security
\nAdvisory Board, which is working with the
\nadministration on innovative strategies to
\nkeep New Yorkers safe from cyber threats. The
\nboard advises the administration on developments
\nin cyber security and makes recommendations
\nfor protecting the state’s critical
\ninfrastructure and information systems.<\/p>\n","protected":false},"excerpt":{"rendered":"
New York state has released a cyber security report that shows the growing risk and sophistication of cyber attacks facing New York banks, and directed the Department of Financial Services (DFS) to conduct new, regular, targeted cyber security preparedness…<\/p>\n","protected":false},"author":121,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[53,57,70,102],"class_list":["post-15356","post","type-post","status-publish","format-standard","hentry","category-business-news","tag-banking","tag-business-news","tag-financial","tag-ny-state"],"yoast_head":"\r\n