The increasing threat and impact of cyber attacks have made headlines recently with reports about cyber attacks on the White House and government-sponsored cyber attacks on financial institutions. What these events demonstrate is how organized and well-funded adversaries are using highly sophisticated tools and techniques to target legitimate organizations on a massive scale.
“While financial firms are investing in preventing breaches, increasingly the defense doctrine is to assume breaches will happen and invest more in detection of the breach and mitigation of exfiltration of sensitive data,” said Bruce Tolley, vice president at networking systems provider Solarflare. “Firms are also taking more seriously implementation of policies and procedures that go above and beyond basic compliance with such standards as PCI,” or payment card industry, he said.
Successful cyber attacks on business and government networks have shown how defenses based around anti-malware technologies can be circumvented, said Tolley. These have been sophisticated operations and a great deal of investment has been made by the attackers to develop these tools and enable them to evade detection.
“Companies can do more to protect themselves from cyber threats by use of policies, filters, and access control lists to control access to critical data stored on servers and make sure that only properly authenticated users can access the data,” Tolley said.
The Bank of England's CBEST system uses intelligence from government and accredited commercial providers to identify potential attackers to a particular financial institution. It then replicates the techniques these potential attackers use in order to test the extent to which they may be successful in penetrating the defenses of the institution.
“The idea of CBEST is to bring together the best available threat intelligence from government and elsewhere, tailored to the business model and operations of individual firms, to be delivered in live tests, within a controlled testing environment," Andrew Gracie, executive director, resolution at the Bank of England said in a June 2014 speech. "The results should provide a direct readout on a firm’s capability to withstand cyber-attacks that on the basis of current intelligence have the most potential, combining probability and impact, to have an adverse impact on financial stability.”
The implementation of CBEST will help the boards of financial firms, infrastructure providers and regulators to improve their understanding of the types of cyber-attack that could undermine financial stability in the UK, the extent to which the UK financial sector is vulnerable to those attacks and how effective the detection and recovery processes are, said Gracie.
Featured image via James Thew/Dollar Photo Club