• Home

  • Documents

  • The Corporate View: Tackling the Cybersecurity Threat
5
1 The Corporate View: Tackling the Cybersecurity Threat “Defending the organisation against cyberattack is a top priority for us. The nature of cybercrime is constantly changing and every area of the business has a responsibility to protect the organisation and our customers. Ultimately, cybersecurity impacts the business in two primary ways: firstly, the impact on our bottom line, and secondly, the reputational impact. As the global interconnection platform for the world’s leading businesses, the issue of reputational risk is paramount.” Although cybersecurity is top of mind for corporate treasurers, it is not always easy to know where to start. In this feature, leading corporations Equinix and Prologis, together with Siva Ram, Head of Business Security and Fraud, Global Liquidity and Cash Management, HSBC, share their experiences of best practices in cybersecurity and fraud prevention. From response to prevention In many cases, there is a tendency to focus on how best to respond to an attack as opposed to try and prevent it happening in the first place, which often involves deploying existing capabilities. Siva Ram, HSBC, details, “Treasurers already have a variety of techniques in their armoury (figure 1) to minimise the risk of internal and external fraud, including multi-level Peter Atuma Senior Manager, Global Information Security – Governance, Equinix approvals, secure integration between internal and bank systems, and daily account reconciliation to avoid or quickly identify unauthorised payments.” By way of example, Regina Ochev, Assistant Treasurer, Prologis says, “We have rigorous segregation of duties and a structured accounts payable process with multiple levels of approval on payments before they reach treasury, and then before transmission to the bank. In addition to regular user IDs and passwords, we have implemented multi-factor authentication wherever Security and fraud prevention have always been vital corporate responsibilities, and central to treasury’s remit. However, the immediacy of these risks, and the potential damage, is growing. As Peter Atuma, Senior Manager, Global Information Security – Governance at Equinix illustrates:

The Corporate View: Tackling the Cybersecurity Threat

  • Upload
    others

  • View
    6

  • Download
    0

Embed Size (px)

Citation preview

Page 1: The Corporate View: Tackling the Cybersecurity Threat

1

The Corporate View:Tackling the Cybersecurity Threat

“Defending the organisation against cyberattack is a top priority for us. The nature of cybercrime is constantly changing and every area of the business has a responsibility to protect the organisation and our customers. Ultimately, cybersecurity impacts the business in two primary ways: firstly, the impact on our bottom line, and secondly, the reputational impact. As the global interconnection platform for the world’s leading businesses, the issue of reputational risk is paramount.”

Although cybersecurity is top of mind for corporate treasurers, it is not always easy to know where to start. In this feature, leading corporations Equinix and Prologis, together with Siva Ram, Head of Business Security and Fraud, Global Liquidity and Cash Management, HSBC, share their experiences of best practices in cybersecurity and fraud prevention.

From response to prevention In many cases, there is a tendency to focus on how best to respond to an attack as opposed to try and prevent it happening in the first place, which often involves deploying existing capabilities. Siva Ram, HSBC, details,

“Treasurers already have a variety of techniques in their armoury (figure 1) to minimise the risk of internal and external fraud, including multi-level

Peter AtumaSenior Manager, Global Information Security – Governance, Equinix

approvals, secure integration between internal and bank systems, and daily account reconciliation to avoid or quickly identify unauthorised payments.”

By way of example, Regina Ochev, Assistant Treasurer, Prologis says,

“We have rigorous segregation of duties and a structured accounts payable process with multiple levels of approval on payments before they reach treasury, and then before transmission to the bank. In addition to regular user IDs and passwords, we have implemented multi-factor authentication wherever

Security and fraud prevention have always been vital corporate responsibilities, and central to treasury’s remit. However, the immediacy of these risks, and the potential damage, is growing. As Peter Atuma, Senior Manager, Global Information Security – Governance at Equinix illustrates:

Page 2: The Corporate View: Tackling the Cybersecurity Threat

2

possible, including in our ERP, to control system access. This is an important way of preventing phishing attacks which monitor keystrokes.

“We channel our bank communications via SWIFT, which is closely integrated with our ERP. This ensures consistent processes, controls and integration compared with using multiple banking systems.”

Processes around ancillary data also need to be secured, such as bank accounts (including opening, closing and modifying authorities) and supplier payment details to guard against attacks such as fake supplier instructions. Processes and controls need to be consistent, reviewed and tested regularly and enforced uniformly across the organisation. As Duang Wollring, European Treasurer, Equinix describes,

Siva RamHead of Business Security and Fraud, Global Liquidity and Cash Management, HSBC

Fig 1. Treasurers’ defence against cyber crime

74% 46% 37% 37% 27% 15% 12% 8% 5%

1 2 3 4 5 6 7 8 9

Perform daily reconciliations

Adopt a stronger form of authentication or added layers of security for access to bank services

Ensure disaster recovery plans to include the ability to continue with strong controls

Upgrade the authentication procedure/devices used to access our company network

Restrict company network access for payments to only company-issued laptop

Restrict company network access for payments via mobile devices (laptop, tablets, phones to emergency situations)

Dedicate a PC for payment origination (with no links to e-mail/web browsing/social networks

Replace proprietary bank connections with secure access through the SWIFT network

Other

2

1 4

36

5 8

7

9

74% 46% 37% 37% 27% 15% 12% 8% 5%

1 2 3 4 5 6 7 8 9

Perform daily reconciliations

Adopt a stronger form of authentication or added layers of security for access to bank services

Ensure disaster recovery plans to include the ability to continue with strong controls

Upgrade the authentication procedure/devices used to access our company network

Restrict company network access for payments to only company-issued laptop

Restrict company network access for payments via mobile devices (laptop, tablets, phones to emergency situations)

Dedicate a PC for payment origination (with no links to e-mail/web browsing/social networks

Replace proprietary bank connections with secure access through the SWIFT network

Other

2

1 4

36

5 8

7

9

74% 46% 37% 37% 27% 15% 12% 8% 5%

1 2 3 4 5 6 7 8 9

Perform daily reconciliations

Adopt a stronger form of authentication or added layers of security for access to bank services

Ensure disaster recovery plans to include the ability to continue with strong controls

Upgrade the authentication procedure/devices used to access our company network

Restrict company network access for payments to only company-issued laptop

Restrict company network access for payments via mobile devices (laptop, tablets, phones to emergency situations)

Dedicate a PC for payment origination (with no links to e-mail/web browsing/social networks

Replace proprietary bank connections with secure access through the SWIFT network

Other

2

1 4

36

5 8

7

9

74% 46% 37% 37% 27% 15% 12% 8% 5%

1 2 3 4 5 6 7 8 9

Perform daily reconciliations

Adopt a stronger form of authentication or added layers of security for access to bank services

Ensure disaster recovery plans to include the ability to continue with strong controls

Upgrade the authentication procedure/devices used to access our company network

Restrict company network access for payments to only company-issued laptop

Restrict company network access for payments via mobile devices (laptop, tablets, phones to emergency situations)

Dedicate a PC for payment origination (with no links to e-mail/web browsing/social networks

Replace proprietary bank connections with secure access through the SWIFT network

Other

2

1 4

36

5 8

7

9

74% 46% 37% 37% 27% 15% 12% 8% 5%

1 2 3 4 5 6 7 8 9

Perform daily reconciliations

Adopt a stronger form of authentication or added layers of security for access to bank services

Ensure disaster recovery plans to include the ability to continue with strong controls

Upgrade the authentication procedure/devices used to access our company network

Restrict company network access for payments to only company-issued laptop

Restrict company network access for payments via mobile devices (laptop, tablets, phones to emergency situations)

Dedicate a PC for payment origination (with no links to e-mail/web browsing/social networks

Replace proprietary bank connections with secure access through the SWIFT network

Other

2

1 4

36

5 8

7

9

74% 46% 37% 37% 27% 15% 12% 8% 5%

1 2 3 4 5 6 7 8 9

Perform daily reconciliations

Adopt a stronger form of authentication or added layers of security for access to bank services

Ensure disaster recovery plans to include the ability to continue with strong controls

Upgrade the authentication procedure/devices used to access our company network

Restrict company network access for payments to only company-issued laptop

Restrict company network access for payments via mobile devices (laptop, tablets, phones to emergency situations)

Dedicate a PC for payment origination (with no links to e-mail/web browsing/social networks

Replace proprietary bank connections with secure access through the SWIFT network

Other

2

1 4

36

5 8

7

9

• Cybersecurity is the no. 1 concern for 82% of treasurers1

• 78% of corporations have been hit by payment fraud in the past year2

• 65% of this originated from outside the company3

Source: 2017 AFP Payments Fraud and Control Survey

Page 3: The Corporate View: Tackling the Cybersecurity Threat

3

“From a treasury perspective, we take an end-to-end approach, identifying every process and task that could create a vulnerability, and explore how we can bolster our defences. For example, we work with our internal and external partners to ensure that every step in the payments process is encrypted. While we have not experienced a breach due to inadequate encryption, it is essential to be a step ahead of the fraudsters, rather than waiting for something to happen.”

In many cases, fraudsters target subsidiaries or branches where controls may be less rigorous. Centralisation can be a valuable way of overcoming this risk, as Duang Wollring emphasises,

“Centralised structures can help by enabling a standardised approach to processes and controls, and create common goals. Centralised business functions such as treasury and shared service centres also provide sufficient scale to implement segregation of duties.”

Siva Ram, HSBC continues,

“Crucially, it is far easier to apply consistent processes and controls and ensure that staff training

is up to date in regional or global treasury centres or SSCs than in multiple locations. Where this is not feasible, ‘virtual’ centralisation through a common technology hub ensures that processes and controls are enforced consistently.”

Training and culture While the right technology and processes have an important role to play in treasury’s defence against the threat of cyberattack or fraud, training and

Regina OchevAssistant Treasurer, Prologis

Page 4: The Corporate View: Tackling the Cybersecurity Threat

4

how vulnerable our workforce is to common attacks, as well as enabling us to refine our education and training.”

Regina Ochev, Prologis concurs,

“We provide extensive, company-wide training on the changing nature and severity of external threats, as well as how to guard against internal risk of fraud. This is essential to prevent people from becoming unwitting targets of phishing attacks etc. and we test our controls regularly.”

Training cannot be a one-off activity, but a regularly updated, regularly delivered programme tailored to different types of user. Duang Wollring outlines how Equinix have approached this,

“Ensuring that staff are aware of cyberrisks, but also understand and comply with business processes and controls is particularly important in treasury and our shared service centres given the nature of their responsibilities. With this in mind, Equinix makes education mandatory at all levels of the company.

“Creating the right culture of diligence is vital so that every employee recognises their role in protecting Equinix and our customers. This includes a culture of constant improvement, so that employees identify where processes or controls could be enhanced.”

Rapid response However effective the processes and controls that are in place, and however well-trained the workforce, every company could be attacked. Consequently, ensuring a fast and appropriate response to suspected or actual attacks is essential. Many companies still have a cultural issue that staff are unwilling to raise the alarm for fear of blame. Siva Ram, HSBC advises,

“In the event of an actual or suspected cyber breach or fraud event, acting quickly is of the essence. All staff involved with managing transactions or data in treasury therefore need to be able to recognise these events and know how to respond. Simulating attacks, not only in central or regional treasury centres or SSCs but in other parts of the business where cash and treasury management activities take place can be a very valuable way of overcoming users’ reluctance to act, practising responses and identifying areas for further exploration and resolution.”

Every organisation must be prepared to manage the impact of a breach or fraud event in a way that is prompt, proportionate and appropriate to the

empowering employees is equally important in defending the company against internal and external cyberthreats. Regina Ochev, Prologis explains,

“All employees are encouraged to take a personal role in protecting the company’s assets, and people are empowered to question actions that they consider unusual including holding payments while conducting call-back confirmation procedures and escalating unusual transactions to management.”

As Siva Ram, HSBC suggests,

“In addition to rigorous, uniformly applied processes and controls, education and training is essential so that users are equipped to recognise potential attacks. For example, most unauthorised access is committed using impersonation fraud (such as email fraud, CEO fraud etc.) or phishing where it is user behaviour rather than controls on infrastructure, that creates the vulnerability.”

Peter Atuma, Equinix continues,

“Phishing is probably the most common form of attack, and the incidence and severity of these attacks is increasing. As with other cyberthreats, awareness and education is key. We have mandatory training for all staff to help them identify phishing attacks and understand what to do, including some specific education for finance professionals. We also test all staff with dummy scam emails to determine

Duang WollringEuropean Treasurer, Equinix

Page 5: The Corporate View: Tackling the Cybersecurity Threat

5

company’s risk appetite. Siva Ram HSBC highlights some of the questions that need to be addressed,

• “In the case of ransomware, under what circumstances would you pay hackers? How much? When? How? For example, you would not be able to pay using normal payment channels, so are you set up for, and prepared to use cryptocurrencies?

• In the case of a data breach, do you know where your data is located? How would you restore services in the case of an attack?

• What would you need to do to set up a skeletal treasury function? A serious attack could mean entirely new hardware and operating software may be required if this was compromised: are you prepared for this?”

Collaboration and information sharing Treasury is not alone in tackling the cybersecurity threat. As Peter Atuma, Equinix advises,

“It is essential that IT works closely with business functions such as treasury to create a cohesive approach to cyber defence and work collectively as good corporate citizens. We work beyond organisational silos and prioritise our security activities according to urgency and the potential scale of impact.”

The need for collaboration extends not just within the organisation but beyond. Duang Wollring, Equinix urges,

“We must all work together to defend and protect our organisations and the digital supply chain we operate across against the threat of cyberattack. This includes banks, technology providers, industry peers, customers and suppliers. Information sharing and industry collaboration is a particularly important way of strengthening our collective defences.”

Taking a leadership role in cybersecurity is an important way in which treasury can elevate its reputation and influence in the organisation, as Regina Ochev, Prologis concludes,

“Our treasury function evolved from a traditional cash management function to a far more influential team that plays a major role in cross-departmental projects such as cybersecurity, financial reporting, and exploring innovations, such as robotics, blockchain and smart contracts. Increasingly, we are part of the wider business ecosystem, partnering the business to help innovate whilst protecting the business.”

Notes1 The Business of Treasury, Association of Corporate Treasurers, 20172 AFP Payments Fraud and Control Survey, 2018 3 Payments Fraud and Control Survey, Association of Finance

Professionals, 2018

Published: October 2018For Professional clients and Eligible Counterparties only.All information is subject to local regulations.Issued by HSBC Bank plc.Authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.Registered in England No 14259Registered Office: 8 Canada Square London E14 5HQ United KingdomMember HSBC Group


The Association between Capacity Management, Cybersecurity ... · The Association between Capacity Management, Cybersecurity, and Insider Threat ... – Something you know ... •

The Association between Capacity Management, Cybersecurity ... · The Association between Capacity Management, Cybersecurity, and Insider Threat ... – Something you know ... •

Documents
Tackling the cyber security threat (2016 - v1.0)

Tackling the cyber security threat (2016 - v1.0)

Technology
2017 CYBERSECURITY THREAT INSIGHTS REPORT FOR …...8 2017 Cybersecurity Threat Insights Report for Leaders advantage. This can involve unscrupulous competitors or nation states. Political

2017 CYBERSECURITY THREAT INSIGHTS REPORT FOR …...8 2017 Cybersecurity Threat Insights Report for Leaders advantage. This can involve unscrupulous competitors or nation states. Political

Documents
AN OFFERING FROM BDO’S CYBERSECURITY ......During 2018, our BDO global cybersecurity threat intelligence team has developed and published quarterly cyber threat insight reports to

AN OFFERING FROM BDO’S CYBERSECURITY ......During 2018, our BDO global cybersecurity threat intelligence team has developed and published quarterly cyber threat insight reports to

Documents
Digital Threat Detection Model to Mitigate Cybersecurity

Digital Threat Detection Model to Mitigate Cybersecurity

Documents
ENTERPRISE ATTITUDES TO CYBERSECURITY · 5 ENTERPRISE ATTITUDES TO CYBERSECURITY: TACKLING THE MODERN THREAT LANDSCAPE Changing technology is also having a big influence on cybersecurity

ENTERPRISE ATTITUDES TO CYBERSECURITY · 5 ENTERPRISE ATTITUDES TO CYBERSECURITY: TACKLING THE MODERN THREAT LANDSCAPE Changing technology is also having a big influence on cybersecurity

Documents
Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real-world Solutions

Patrick Miller - Tackling Tomorrow's Biggest Cybersecurity Problems with Real-world Solutions

Technology
Cybersecurity Presentation CNET FINALcnectgpo.com/.../2019/07/Cybersecurity-Presentation... · E-Mail Phishing Attack –Threat Quick Tips Reference Document -Health Industry Cybersecurity

Cybersecurity Presentation CNET FINALcnectgpo.com/.../2019/07/Cybersecurity-Presentation... · E-Mail Phishing Attack –Threat Quick Tips Reference Document -Health Industry Cybersecurity

Documents
Booz Allen Industrial Cybersecurity Threat Briefing

Booz Allen Industrial Cybersecurity Threat Briefing

Technology
Is My Organization Ready for a cybersecurity threat ......Is My Organization Ready for a cybersecurity threat? Assessment and setting up plans INHEL REKIK MS, DIRECTOR OF HEALTH TECHNOLOGY

Is My Organization Ready for a cybersecurity threat ......Is My Organization Ready for a cybersecurity threat? Assessment and setting up plans INHEL REKIK MS, DIRECTOR OF HEALTH TECHNOLOGY

Documents
Cybersecurity Threat Landscape - FuzeHub

Cybersecurity Threat Landscape - FuzeHub

Documents
Tackling Cybersecurity With Compromise Assessments ... · Tackling Cybersecurity With Compromise Assessments Incident Response 3 ... questions beyond what ... Tackling Cybersecurity

Tackling Cybersecurity With Compromise Assessments ... · Tackling Cybersecurity With Compromise Assessments Incident Response 3 ... questions beyond what ... Tackling Cybersecurity

Documents
CAEs speak out: Cybersecurity seen as key threat to growth

CAEs speak out: Cybersecurity seen as key threat to growth

Business
The Cybersecurity Kill Chan - myth or threat

The Cybersecurity Kill Chan - myth or threat

Documents
Thwarting the Iranian Cybersecurity Threat › wp-content › uploads › 2020 › 01 › WP... · 2020-02-07 · Thwarting the Iranian Cybersecurity Threat Continuously Discover,

Thwarting the Iranian Cybersecurity Threat › wp-content › uploads › 2020 › 01 › WP... · 2020-02-07 · Thwarting the Iranian Cybersecurity Threat Continuously Discover,

Documents
Threat Intelligence Summary - Fidelis Cybersecurity

Threat Intelligence Summary - Fidelis Cybersecurity

Documents
2020 CYBERSECURITY THREAT TRENDS OUTLOOK2020 CYBERSECURITY THREAT TRENDS OUTLOOK Nine ways threat actors will make waves in 2020 1This report is for informational purposes only, and

2020 CYBERSECURITY THREAT TRENDS OUTLOOK2020 CYBERSECURITY THREAT TRENDS OUTLOOK Nine ways threat actors will make waves in 2020 1This report is for informational purposes only, and

Documents
THREAT - Cybersecurity Insiders · 2017-08-15 · THREAT ONITORING, TECTION ESPONSE EPORT 4 KEY FINDINGS Dealing with advanced threats is the most significant concern for cybersecurity

THREAT - Cybersecurity Insiders · 2017-08-15 · THREAT ONITORING, TECTION ESPONSE EPORT 4 KEY FINDINGS Dealing with advanced threats is the most significant concern for cybersecurity

Documents
RANSOMWARE - Cybersecurity Insiders€¦ · Ransomware is the fastest growing security threat, perceived as a moderate or extreme threat by 80% of cybersecurity professionals. 75%

RANSOMWARE - Cybersecurity Insiders€¦ · Ransomware is the fastest growing security threat, perceived as a moderate or extreme threat by 80% of cybersecurity professionals. 75%

Documents
Cybersecurity and Offshore Oil: The Next Big Threat

Cybersecurity and Offshore Oil: The Next Big Threat

Documents
Tackling the growing threat of dengue: Phyllanthus niruri

Tackling the growing threat of dengue: Phyllanthus niruri

Documents
CYBERSECURITY - SIFMA€¦ · the insider threat at financial institutions; and (3) to help financial firms measure their insider threat program’s effectiveness. The Insider Threat

CYBERSECURITY - SIFMA€¦ · the insider threat at financial institutions; and (3) to help financial firms measure their insider threat program’s effectiveness. The Insider Threat

Documents
Cybersecurity Insider Threat Analytics

Cybersecurity Insider Threat Analytics

Documents
Cybersecurity Threat Analysis: Status and Advanced Tools

Cybersecurity Threat Analysis: Status and Advanced Tools

Technology
Covering the global threat landscape - Virus Bulletin€¦ · global threat landscape THREAT ANALYSIS REPORT SAVE YOURSELF MALWARE Reason Cybersecurity SUMMARY Recently, many users

Covering the global threat landscape - Virus Bulletin€¦ · global threat landscape THREAT ANALYSIS REPORT SAVE YOURSELF MALWARE Reason Cybersecurity SUMMARY Recently, many users

Documents
Cybersecurity Cybersecurity for for Hedge Funds fund ...€¦ · Cybersecurity for Hedge Funds 2016 The threat within: Mitigating insider risk Implications of data protection regs

Cybersecurity Cybersecurity for for Hedge Funds fund ...€¦ · Cybersecurity for Hedge Funds 2016 The threat within: Mitigating insider risk Implications of data protection regs

Documents
2020 INSIDER THREAT REPORT - Cybersecurity Insiders · 2019-11-04 · This 2020 Insider Threat Report has been produced by Cybersecurity Insiders, the 400,000 member community for

2020 INSIDER THREAT REPORT - Cybersecurity Insiders · 2019-11-04 · This 2020 Insider Threat Report has been produced by Cybersecurity Insiders, the 400,000 member community for

Documents
Cyber security the cybersecurity kill chan - myth or threat

Cyber security the cybersecurity kill chan - myth or threat

Documents
Threat Intelligence: Shrinking the Cybersecurity Data Gap

Threat Intelligence: Shrinking the Cybersecurity Data Gap

Documents
Cybersecurity Governance Update: P New FFIEC Requirements · 2015-01-26 · FFIEC Cybersecurity Assessments FFIEC Cybersecurity Threat and Vulnerability Monitoring and Sharing Statement

Cybersecurity Governance Update: P New FFIEC Requirements · 2015-01-26 · FFIEC Cybersecurity Assessments FFIEC Cybersecurity Threat and Vulnerability Monitoring and Sharing Statement

Documents