The financial industry worldwide is on the brink of major change, especially due to the rising prevalence of cybercrime. Armed with the latest technology and preventive measures to preserve the security of banks, Bahrain-based cyber threat management company CTM 360’s Chief Information Security Officers* (CISOs) discuss the various challenges before the industry and how they are integrating with their clients to provide real-time and quick solutions.
How does CTM360 identify cyber security needs and evaluate their relevance?
Understandably, the financial industry is in the frontline of cybercrime where monetary and brand reputation losses from cyber attacks are very evident. The challenge is to keep up with the latest variation, timely detection and comprehensive response. Having served the regional industry for a long time, we recognise that the only thing constant in the cyber security industry is change. The level of complexity and challenges are also constantly morphing. In response, we have adopted the strategy to remain agile, continually research and evolve service offerings; facilitate dialogue and industry collaboration across the security industry, in addition to remaining primary drivers.
Specifically, which area in IT security do you believe needs to be in the spotlight this year and why?
Our view may come as a surprise to many as we neither want to focus on threat vectors or any new cutting edge technology. We believe that rather than doing more we should do different. Firstly, organisations need to adopt clarity of differentiating functions, i.e. IT security with the goal of enhancing secure end-user experience, information security with the goal of protecting information assets and cyber security with the goal of neutralising cyber attacks in cyberspace. Within these three domains, individuals performing either function need to understand and appreciate the challenges of the other two.
Secondly, focus has to be on collaboration as only mitigation of cyber threats is a losing battle if we do not work together. If you are insecure in disclosing how you were breached, how do you expect any other person to warn you based on how they have been breached? Thereby, for the same, we have developed a trusted community platform termed TRUST360. Lastly, organisations need to have a cyber incident response unit that would have the ability to even monitor and neutralise attacks in the very early stage, while attack elements are evolving in cyberspace.
What steps are being taken by CTM 360 to mitigate cyber risks?
CTM360 takes a holistic approach to managing cyber risks. By fortifying genuine assets, eliminating suspicious incidents and neutralising malicious threats, CTM360 can manage threats at every stage of the cyber kill chain. The company has developed multiple tools and systems, and currently offers them under 10 service modules that prevent, identify, manage or mitigate threats in cyberspace.
Banking services are coming up significantly in the Asia Pacific region. What are your thoughts on this and does CTM plan to extend their services to this region?
APAC can be considered more agile in leveraging technology for enhancing banking business. Due to lack of cyber security skills, the challenge would be to adopt the latest secure practices at the same pace. CTM360 is addressing this very gap by proposing to be the 24×7 cyber security unit for subscribed members. We are focused on expanding into APAC in 2017 as it holds tremendous untapped potential and the banking services industry is flourishing with four to five core markets, including Singapore, Malaysia, Australia, Japan and China.
Usually, how do you assess the scope of work with your clients? What are the parameters you would need to understand the kind of help they need from your company?
The scope in the industry is normally defined by the category of attacks that an organisation may opt for and the brand keywords that the detection would be conducted upon. At CTM360, we prefer to act as the cyber security team for our subscribed members, hence our scope is meant for anything and everything in the cyberspace. The only difference is that we stay outside a member’s firewall, detect and neutralise all forms of attack elements in the cyberspace. Being the intelligence unit, it is our job to identify and run an inventory on all the cyber assets of our members as well. Hence, we do not need them to give us any parameters, but they do need to let us know the focus areas that their business and risk feels is important. Next, it is our job to always provide threat intelligence that is credible and member-specific, i.e. by severity and by relevance.
FinTech, InsurTech and RegTech are among the biggest trends in banking today – how can companies like CTM360 help banks make the switch safely?
Adopting any new technology comes with a complete new set of security challenges, especially when security in general is an afterthought. The common components in the new threat scenarios and the old are the attack elements of the early stage of attack, and that is what cyber security is all about. So when any bank is switching, CTM360 is very operative and effective without requiring any changes in cyber security operations. Moreover, TRUST360 provides the community platform to gain knowledge about security challenges being faced by other banks in this migration, facilitating cooperation across all stakeholders. Buzz words without understanding feasibility, risks and practicality remains risky.
Can you tell us a bit about CTM 360’s most popular products and services?
The 24 x 7 x 365 CTM360 Cyber Incident Response Unit (CIRU) was developed to address the needs of the regional financial sector; however, in a short span of time, the CIRU is now servicing multiple industry verticals, (e.g. Aerospace, Healthcare, Hospitality, Oil & Gas, Petrochemicals, Retail, SWFs) and across many geographies. CIRU’s unique ability to action holistically on all cyber attack elements across the cyber kill chain has established CTM 360 as the preferred cyber security partner for financial sector clients in the GCC. We service 25 of the top 50 banks in the GCC. Aside from banks, we also work with insurance companies.
Any entity with an online presence can benefit from a subscription to CIRU with minimal effort and time. All modules fit a specific purpose and are bespoke to the subscribed member ranging from prevention, detection and mitigation.
What are your key markets for expansion in the GCC?
CTM360 quickly evolved from being specific to Saudi Arabia through its parent company, IT Matrix, to catering to the regional GCC markets. After going global in 2016, the next phase of expansion will involve establishing global satellite centres for CIRU in 2017.
* Inputs have been provided by a range of Chief Information Security Officers (CISOs) within the CTM 360 network. CTM 360 was the Cyber Security Partner for IFM’s EMEA Awards Ceremony held in Dubai in January 2017