Are investigations crucial to data breach protection?

SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit.

SWIFT banking recently added a dedicated cyber intelligence team to its infosec program to perform network data breach investigations. This seems to be a drastic measure, but it could bode well for improved data breach protection. Are other organizations doing this? Should they be?

The Society of Worldwide Interbank Financial Telecommunication, commonly known as SWIFT, is a Belgium-based messaging network that enables financial institutions worldwide to share information and execute financial transactions.

In July 2016, SWIFT partnered with expert cybersecurity firms to create a dedicated cyber intelligence team to head network fraud and data breach investigations. This may seem like a drastic measure for improving security and data breach protection, but given the number of data breaches in today's environment -- including the hack of SWIFT, which resulted in the theft of $81 million -- taking this initiative is justified.

Other organizations should definitely follow SWIFT's example and create some kind of dedicated cyber intelligence or breach investigation and response team. Data breaches in the financial sector have become endemic, and not taking steps to perform data breach investigations and to learn how they occurred is unwise.

Data breach investigations can prevent the breaches from happening again, which is important because the impact they have on the world economy is significant. Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021.

Many organizations experience what is known as "security fatigue," which causes enterprises to feel hopeless and to act recklessly regarding cybersecurity. Yes, there are more cybersecurity laws, regulations and frameworks with which enterprises are required to be compliant. But consider that, less than ten years ago, a significant number of enterprises viewed information security as a necessary evil, and repressive. SWIFT and many other institutions have now realized that cybersecurity should be and is a part of doing business today.

Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)

Next Steps

Dig Deeper on Security operations and management