With the FBI issuing a warning that it expects an increase in cybercrime tied to mobile banking and others reporting increases in cyberattacks against financial institutions, cybersecurity continues to be an ever-evolving task requiring a full arsenal of responses.
Unlike tools that focus on past actions, vendor cyber monitoring lets FIs monitor their vendors’ cybersecurity in real-time. It can help determine if vendor websites are using the latest security, whether they are certified, and if a vendor has been mentioned on the dark web, which can be a sign of a planned attack.
Vendor cyber monitoring helps:
Assess vendors’ ability to effectively identify and resolve incidents.
The insights cyber monitoring provides can help you learn more about your vendor’s cyber risk by giving you answers to questions like: Are you uncovering issues before the vendor? Are these relatively minor issues or potentially serious vulnerabilities? When notified, are issues promptly corrected? Do you feel comfortable proceeding with the vendor? Compare cyber monitoring reports to vendors’ self-reported and third-party reports (SSAE 18s, penetration testing, etc.) for consistency.
Identify low- and medium- residual risk vendors so that resources can be allocated to high-risk and critical vendors.
Regulations require that FIs identify high-risk/critical/significant vendors. Cyber monitoring data can help refine those assessments by providing a real-world demonstration of vulnerabilities in a vendor’s cyber controls.
The data’s impact can be maximized by tying it into existing risk assessment data to dig into vulnerabilities requiring greater scrutiny. Some vendors have low residual risk because they’re following best practices while others have issues. Vendors with existing vulnerabilities or a history of vulnerabilities will require greater scrutiny than other critical vendors. Vendor cyber monitoring helps identify these vendors so that FIs know they require extra oversight and additional monitoring resources.
Prioritize issues requiring remediation to reduce risk.
New threats are constantly emerging. It’s not always obvious which ones are the most worrisome. Cyber monitoring data helps uncover emerging cyber risks and gives FIs a chance to proactively reach out to vendors (and look at the FI’s own internal operations) if one issue is particularly dangerous or common.
Document results to assist in the ongoing monitoring of the vendor relationship.
Cyber monitoring shows whether the vendor is doing enough with:
- System protection. Both physical access and systems control should be logged and monitored. Email and customer data should be secure. Monitoring for those details will give data that goes beyond SSAE 18 to ensure systemwide protection.
- Internal controls. Vendors must implement controls to prevent or mitigate the severity of a cybersecurity attack. These are tested through audits, but monitoring ensures they still exist.
- Data security. There should be protocols and multi-factor authentication during data transmissions and storage and protocols for securely destroying data.
- Cloud risk. Vendors that rely on a cloud-based system require additional scrutiny.
With cybersecurity regulations and the growing problem of cyberattacks and breaches, vendor cyber monitoring is a wise investment for financial institutions that want to be sure third-party vendors are doing everything they can to protect systems and data.
To learn more about the benefits of third-party vendor cyber monitoring, download our whitepaper Not One & Done: Making the Case for Continuous Monitoring of Third-Party Cyber Risk