{"id":50655,"date":"2021-07-16T09:00:59","date_gmt":"2021-07-16T08:00:59","guid":{"rendered":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/?p=50655"},"modified":"2021-07-15T12:59:18","modified_gmt":"2021-07-15T11:59:18","slug":"cyber-resilience-in-the-hybrid-workplace","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/financial-services\/2021\/07\/16\/cyber-resilience-in-the-hybrid-workplace\/","title":{"rendered":"How to enable cyber resilience in the hybrid workplace"},"content":{"rendered":"
Global digitisation, combined with unprecedented changes to the financial services business model is demanding industry and digital modernisation. To remain competitive, financial services institutions must embrace new business models such as hybrid working alongside cyber resilience. These new hybrid working models need to balance productivity and scalability with agility and security<\/p>\n
Most financial services organisations already have robust defences. However, we know that no network, or system, is infallible. Attackers will use a variety of means to gain access to the estate. The financial services industry is also a high value target for cybercrime and fraud. According to PwC, 69 percent of financial services\u2019 CEOs reported that they are either somewhat or extremely concerned about cyber threats<\/a>. In a recent podcast with UK Finance, we took a closer look at the current threats facing financial services organisations and why cyber resilience is so important.<\/p>\n [msce_cta layout=”image_center” align=”center” linktype=”blue” imageurl=”https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/sites\/22\/2021\/06\/SUR21_SurfaceLaptop4_Contextual_Platinum_19_RGB-scaled.jpg” linkurl=”https:\/\/anchor.fm\/ukfinance\/episodes\/Enabling-cyber-resilience-in-a-hybrid-world-e12jnb9\/a-a5roa9n” linkscreenreadertext=”Listen to the podcast now” linktext=”Listen to the UK Finance podcast now” imageid=”50673″ ][\/msce_cta]<\/p>\n The future of work will remain hybrid. People are fluidly working between home and office, intertwining their personal and work networks. Many financial services organisations have security strategies that focus on recovery and operational resilience, with testing and recovery planning. So how can organisations ensure they stay secure and safe in a hybrid environment, while continuing to manage distributed and legacy environments? By making cybersecurity the foundation for operational resilience. Here\u2019s five ways to start.<\/p>\n Instead of assuming everything behind a corporate firewall is safe, assume compromise. Continually ask \u2018what if\u2019. What if an attacker gained access to your network, servers or data? What if a trusted insider gained access to information they shouldn\u2019t? What could be done with it? Therefore, what level of protection is needed to help keep information safe?<\/p>\n Organisations may be operating in a hybrid or multi-cloud environment, using thousands of different applications. Employees may be working on multiple devices in different locations. As a result, a defence-in-depth approach is needed to protect data and services.<\/p>\n The hybrid workplace is borderless, so wrapping security around identity and devices is critical. Recent cyberattacks have shown that identity is the new battleground. Implementing multi-factor authentication (MFA)<\/a> can prevent 99.9 percent of credential attacks, yet many organisations have yet to fully deploy MFA. We also see Zero Trust security as a business imperative.<\/p>\n Zero Trust takes a risk-based approach by embracing the principle of least privilege. It assumes compromise and verifies each request as though it originates from an open network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches \u201cnever trust, always verify.\u201d Every access is fully authenticated and authorised before granting access.<\/p>\n When integrated with security and compliance solutions, employees can securely sign on once, and access everything needed, when needed. No matter the location.<\/p>\n For Rabobank<\/a>, taking an identity-first approach to security opened up more productivity for their people.<\/p>\n \u201cThe ability to more securely access documents through Microsoft Teams and OneDrive from mobile devices means people can easily work in different locations, but still keep our data and documents highly protected in our environment.\u201d<\/em><\/p>\n Erik Passchier, Global Head of IT Infrastructure at Rabobank.<\/p><\/blockquote>\n <\/p>\n Anything that has a connection to the internet is potentially vulnerable. While the cloud boasts multiple security benefits, organisations need to segment infrastructure and networks, to reduce the probability of lateral movement across the estate. This is especially important for any legacy services or systems that can\u2019t be patched or upgraded.<\/p>\n Ensuring devices and infrastructure are updated with the latest security patches and updates is very important. In the cloud, patching becomes part of the shared responsibility model, making it easy for teams to manage updates.<\/p>\n As part of their hybrid strategy, Rabobank has built robust mobile device management policies and uses tools like Endpoint Manager<\/a> and Intune<\/a>. These focus on making it easy for employees to securely access work apps across devices. They use protection policies to restrict company data from being saved to local devices or moving across to other apps.<\/p>\n \u201cBefore, I only had access to email while out of the office. Now if I\u2019m traveling to work on the train or working from home, I can call colleagues and we can work together in the same document. The ability to be more mobile is a huge step forward.\u201d<\/em><\/p>\n Boy Sleddering, Senior Vice President Corporate Communications at Rabobank.<\/p><\/blockquote>\n Automation and orchestration are key to enabling cyber resilience. For example, Microsoft XDR<\/a> provides better detection, incident response and blocks known threats. Additionally, it\u2019s key to reducing security operations fatigue and increasing efficiency with the volume of alerts. It also provides the opportunity to be proactive by performing active threat hunting. Machine learning can also identify and correlate behavioural-based attacks .<\/p>\n SIEM provides an aggregated and unified experience with investigative capabilities across the estate. Checking for Indicators of Compromise (IOCs), analysing logs, verifying changes, isolating and potentially preserving forensic data is critically important for financial services organisations to leverage as an audit trail for regulators and law enforcement.<\/p>\n Waverton Investment Management<\/a> used automation to help streamline their security processes, adopting tools including Azure Sentinel<\/a>.<\/p>\n \u201cNow we have one platform that looks across all our estate. One system, one skillset means greater understanding and more effectiveness. We have a more comprehensive solution, and we can focus staff training on the Microsoft solutions, so we have broader security competence through our team.\u201d<\/em><\/p>\n Mudassar Ulhaq, Chief Information Officer at Waverton<\/p><\/blockquote>\n We know there is a balance between human capacity and skilled resources which is also at a premium right now. (ISC) \u00b2 reports that there is a 3.1 million cybersecurity gap<\/a>. While automation and machine learning can reduce the noise, the cybersecurity professional skills gap needs to be addressed. Introduce new ways of acquiring talent, apprenticeships and diversity and inclusion programmes. Highlight talent in-house and re- or upskill your employees.<\/p>\n Each employee should have good digital literacy and understand the different type of cyber threats that they may be exposed to, such as phishing attempts and business email compromise. However, leaders must also have digital empathy for the end-user experience and be mindful of the stressors that they be facing. Security and compliance can work together by being dynamic to the changing landscape, and help employees to be safe and secure, through regular tips that reinforce awareness of the policies.<\/p>\n Financial services organisation needs to be kept up to date on cyber capabilities and made aware of potential threats on an ongoing basis through both push and pull means. However, key to cyber resilience is collaboration and partnerships. For example, the Financial Sector Cyber Collaboration Centre collaborates with around 40 organisations, including Microsoft. We work together to provide focussed messages across an array of customers that is timely and relevant.<\/p>\n Strong governance, operational resilience and partnerships are key to ensure the financial services industry builds cyber resilience now and, in the future, in the face of an ever-changing landscape.<\/p>\n Listen to more in the Future of Finance podcast with UK Finance<\/a><\/p>\n Take the Zero Trust Assessment <\/a><\/p>\n1.\u00a0\u00a0\u00a0\u00a0\u00a0 Assume compromise<\/h2>\n
2.\u00a0\u00a0\u00a0\u00a0\u00a0 Protect identity<\/h2>\n
3.\u00a0\u00a0\u00a0\u00a0\u00a0 Keep devices and networks healthy<\/h2>\n
4.\u00a0\u00a0\u00a0\u00a0\u00a0 Automation and audit logs<\/h2>\n
5.\u00a0\u00a0\u00a0\u00a0\u00a0 Invest in people and skills<\/h2>\n
Enabling cyber resilience<\/h2>\n
Find out more<\/h2>\n