Imagery Majestic - Fotolia
SWIFT banking recently added a dedicated cyber intelligence team to its infosec program to perform network data breach investigations. This seems to be a drastic measure, but it could bode well for improved data breach protection. Are other organizations doing this? Should they be?
The Society of Worldwide Interbank Financial Telecommunication, commonly known as SWIFT, is a Belgium-based messaging network that enables financial institutions worldwide to share information and execute financial transactions.
In July 2016, SWIFT partnered with expert cybersecurity firms to create a dedicated cyber intelligence team to head network fraud and data breach investigations. This may seem like a drastic measure for improving security and data breach protection, but given the number of data breaches in today's environment -- including the hack of SWIFT, which resulted in the theft of $81 million -- taking this initiative is justified.
Other organizations should definitely follow SWIFT's example and create some kind of dedicated cyber intelligence or breach investigation and response team. Data breaches in the financial sector have become endemic, and not taking steps to perform data breach investigations and to learn how they occurred is unwise.
Data breach investigations can prevent the breaches from happening again, which is important because the impact they have on the world economy is significant. Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021.
Many organizations experience what is known as "security fatigue," which causes enterprises to feel hopeless and to act recklessly regarding cybersecurity. Yes, there are more cybersecurity laws, regulations and frameworks with which enterprises are required to be compliant. But consider that, less than ten years ago, a significant number of enterprises viewed information security as a necessary evil, and repressive. SWIFT and many other institutions have now realized that cybersecurity should be and is a part of doing business today.
Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)
Learn how to update your incident response process and leverage automation
Discover how to build an incident response toolkit for enterprise security
Read a chapter of Data Breach Preparation and Response: Breaches are Certain, Impact is Not
Dig Deeper on Information Security Incident Response-Information
Related Q&A from Mike O. Villegas
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media ... Continue Reading
A cybersecurity training center could help security professionals continue their education, but are the benefits worth the investment for enterprises... Continue Reading
Yahoo reportedly rejected a forced password reset after numerous data breaches compromised user data. Expert Mike O. Villegas discusses whether this ... Continue Reading