To deal with intruders, you need to think like an attacker.
The recent attack on the New York office of the largest Chinese bank, ICBC, once again demonstrated the vulnerability of the financial infrastructure in the face of cyber threats. Attackers used malware to disrupt the operation of the US Treasury bond market, forcing ICBC to transfer documents via couriers on USB drives.
Such incidents force companies that manage critical financial institutions to radically reconsider their approaches to cybersecurity. The head of the Swiss exchange group SIX, Jos Deiselhof, uses unusual methods: he hires "ethical hackers" to fight real intruders.
According to Deiselhof, the scale and complexity of cyber attacks are constantly growing. Hacker groups use sophisticated phishing, attack through calls and instant messengers, targeting several systems of large organizations at once.
To counter them, SIX invests in three layers of cyber defense: blocking unauthorized access, localizing an attack after penetration, and restoring systems after an attack. However, even this does not guarantee absolute security.
"We are in a constant race with attackers who are constantly improving their methods," said Deiselhof, "To keep up, and our defense must constantly improve."
Ethical hackers are cybersecurity experts who help identify vulnerabilities in a company's systems before criminals discover them. They simulate real-world attacks to test SIX's readiness to repel hacks.
"This is a non - standard practice for the financial sector," Deiselhof admits. "But in the face of growing threats, it gives us many advantages."
In addition to technical measures, SIX tightens security rules for staff - after all, employees are also often the target of hacker attacks.
After attempts at attacks through social engineering were identified, the company introduced additional measures: now employees ' badges do not contain surnames, strict rules were introduced to protect information when working with documents, and control was strengthened when working with confidential data.
However, Dijselhof predicts a prolonged period of weak economic growth and high inflation, which will put pressure on the global economy. This, in turn, may encourage hackers to launch new attacks on financial institutions.
Other companies should adopt the methods of their colleagues to strengthen the protection of their systems and not get caught on the hook.
The recent attack on the New York office of the largest Chinese bank, ICBC, once again demonstrated the vulnerability of the financial infrastructure in the face of cyber threats. Attackers used malware to disrupt the operation of the US Treasury bond market, forcing ICBC to transfer documents via couriers on USB drives.
Such incidents force companies that manage critical financial institutions to radically reconsider their approaches to cybersecurity. The head of the Swiss exchange group SIX, Jos Deiselhof, uses unusual methods: he hires "ethical hackers" to fight real intruders.
According to Deiselhof, the scale and complexity of cyber attacks are constantly growing. Hacker groups use sophisticated phishing, attack through calls and instant messengers, targeting several systems of large organizations at once.
To counter them, SIX invests in three layers of cyber defense: blocking unauthorized access, localizing an attack after penetration, and restoring systems after an attack. However, even this does not guarantee absolute security.
"We are in a constant race with attackers who are constantly improving their methods," said Deiselhof, "To keep up, and our defense must constantly improve."
Ethical hackers are cybersecurity experts who help identify vulnerabilities in a company's systems before criminals discover them. They simulate real-world attacks to test SIX's readiness to repel hacks.
"This is a non - standard practice for the financial sector," Deiselhof admits. "But in the face of growing threats, it gives us many advantages."
In addition to technical measures, SIX tightens security rules for staff - after all, employees are also often the target of hacker attacks.
After attempts at attacks through social engineering were identified, the company introduced additional measures: now employees ' badges do not contain surnames, strict rules were introduced to protect information when working with documents, and control was strengthened when working with confidential data.
However, Dijselhof predicts a prolonged period of weak economic growth and high inflation, which will put pressure on the global economy. This, in turn, may encourage hackers to launch new attacks on financial institutions.
Other companies should adopt the methods of their colleagues to strengthen the protection of their systems and not get caught on the hook.
