Imagery Majestic - Fotolia
SWIFT banking recently added a dedicated cyber intelligence team to its infosec program to perform network data breach investigations. This seems to be a drastic measure, but it could bode well for improved data breach protection. Are other organizations doing this? Should they be?
The Society of Worldwide Interbank Financial Telecommunication, commonly known as SWIFT, is a Belgium-based messaging network that enables financial institutions worldwide to share information and execute financial transactions.
In July 2016, SWIFT partnered with expert cybersecurity firms to create a dedicated cyber intelligence team to head network fraud and data breach investigations. This may seem like a drastic measure for improving security and data breach protection, but given the number of data breaches in today's environment -- including the hack of SWIFT, which resulted in the theft of $81 million -- taking this initiative is justified.
Other organizations should definitely follow SWIFT's example and create some kind of dedicated cyber intelligence or breach investigation and response team. Data breaches in the financial sector have become endemic, and not taking steps to perform data breach investigations and to learn how they occurred is unwise.
Data breach investigations can prevent the breaches from happening again, which is important because the impact they have on the world economy is significant. Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021.
Many organizations experience what is known as "security fatigue," which causes enterprises to feel hopeless and to act recklessly regarding cybersecurity. Yes, there are more cybersecurity laws, regulations and frameworks with which enterprises are required to be compliant. But consider that, less than ten years ago, a significant number of enterprises viewed information security as a necessary evil, and repressive. SWIFT and many other institutions have now realized that cybersecurity should be and is a part of doing business today.
Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)
Learn how to update your incident response process and leverage automation
Discover how to build an incident response toolkit for enterprise security
Read a chapter of Data Breach Preparation and Response: Breaches are Certain, Impact is Not
Dig Deeper on Security operations and management
Related Q&A from Mike O. Villegas
As ransomware continues to surge, companies are faced with decisions to report the attacks, pay the ransom or both. Experts weigh in on the options ... Continue Reading
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media ... Continue Reading
Privacy and information security can often be at odds with each other in enterprises. Expert Mike O. Villegas explains how C-levels can help to get ... Continue Reading