A recent report from Forrester called CISOs’ Tactics to Win Every Budget Battle suggests that companies turn towards “growing revenue, customer retention, and operating in specific verticals and regions” to gain security budget.
The recent crisis affecting Silicon Valley Bank (SVB) is impacting businesses and their cybersecurity teams worldwide. How can financial and security leaders work together to confront challenges and protect their organizations?
Bitsight’s CISO, Chris Campbell, and Chief Financial Officer, Jim Hillier, have built a strong working relationship since joining the company. They shared their insights and perspectives from a hectic week of collaboration and offered suggestions for security and finance professionals attempting to navigate these difficult times.
1. The “Super Bowl” of Phishing
Most malicious actors are financially motivated and seek to leverage global news and events to craft targeted phishing emails to gain access to corporate networks and sensitive information. This time is no different. “This is the ‘Super Bowl’ of Phishing,” according to Hillier. “All hackers have to do is write ‘Urgent! SVB Payroll’ on an email, and it will get immediate attention.”
That’s why organizations have to remain more vigilant than ever. Campbell is using this as an opportunity to drive more education on phishing and cyber risks throughout the organization. “We are carefully monitoring all aspects of these events and continuously looking at threat intelligence. Our goal is transparency with the rest of the organization to share information across the company to reduce risk of incidents,” said Campbell. Campbell is leveraging information and lessons learned from CISO affinity groups and information Hillier is sharing with him from his network of Finance professionals to improve corporate security.
2. Commercial relationships are changing quickly, putting sensitive data at risk
Many companies that utilized SVB for their banking needs are in the process of changing their commercial relationships. But this massive change in the business potentially places sensitive data at risk.
“So many companies are reassessing their relationships, looking for greater diversification,” says Hillier. “This is a unique situation because these commercial relationships rarely change, let alone so fast.” But as banking relationships change, payment and wiring instructions will too. It is critical for organizations that are changing commercial relationships to transmit this new information to customers and vendors securely. Don’t forget that your customers and vendors may also be changing banks and will need to transfer data to you securely. Any breakdown in the system could result in additional financial loss. “You can’t be too careful with this data,” adds Campbell.
3. Collaboration between Security and Finance is crucial
Now more than ever, a great working relationship between Security and the Finance organization is critical. According to Hillier, “I believe that creating a strong relationship between Finance and Security is a key step to creating a resilient organization.”
Hillier and Campbell suggest that teams share valuable information on access control and change management, how malicious actors leverage this event, and what their Finance and Security peers are seeing in the field. This information can help both sides improve their protections and limit loss. Furthermore, Finance teams can improve the sharing of information about where sensitive data is stored and what data may be at risk so that Security teams can ensure the adequate protection of that data.
“We’ve worked together from the start, so we feel comfortable sharing information with each other,” says Campbell. “I hope more organizations consider establishing stronger relationships since both Security and Finance are critical in protecting the financial assets of the company.”
4. Security teams have valuable “crisis” knowledge to share with the FInance team
As some teams are now discovering, security professionals have unique knowledge around crisis management that can benefit the Finance organization.
Finance professionals have largely been surprised by just how quickly the situation with SVB unfolded; within hours, the organization was at risk. On the other hand, security professionals are accustomed to addressing crises that unfold over minutes, hours, and days.
Hillier suggests that Finance professionals can learn a lot from their Security colleagues. “Finance teams should consider tabletop exercises like the Security teams do. CISOs think about disaster recovery a lot. Now Finance teams should be thinking about the same issues. What if you only had hours to deal with the situation?” Organizations may consider doing a post-mortem to identify lessons learned during the course of the crisis, identifying what could have been done differently.
5. Be prepared: Trust can evaporate overnight
Ultimately, Security and Finance recognize that trust in your organization can evaporate overnight, making cybersecurity protections all the more important. “Trust is the lifeblood of a company,” says Hillier. “Not being able to demonstrate trust to the market can have a severe impact on a business.” Campbell agrees, adding that cybersecurity effectiveness has become critical to business growth. “Every company cares about the cybersecurity of their business partners. A cyber incident can jeopardize years of revenue and goodwill overnight. Demonstrating strong cybersecurity and a commitment to data protection is crucial to establishing and maintaining trust.”