financial supply chain

This photo illustration shows a man trying to log into his bank account through a mobile app. (Photo by Saeed KHAN / AFP)

Securing the financial services supply chain

Just like the supply chain of any industry, the financial services supply chain is also vulnerable to cyber-attacks.  The financial services supply chain is mostly made up of services that are provided by third-party vendors.

As the financial sector is the most regulated industry, ensuring the best security practices is a prerogative they need to have. In the financial sector, third-party vendors would refer to critical providers.

Critical providers are defined as non-financial organizations providing network infrastructure and services that, if impacted by an incident, would in real-time interrupt a significant amount of core financial services across the sector, in turn impacting the public’s ability to manage financial transactions.

In the financial sector, transparency is key. This is why financial services will need to have visibility over their critical providers, especially with regulators watching them closely as more technology is being implemented onto processes and services.

Today, technology enables accurate machine learning algorithms that speed up processes when it comes to critical providers. Monitoring programs are able to flag critical providers that may not seem as secure as initially thought.

To help secure the financial sector’s supply chain, FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, launched its Critical Providers Program.

As critical service providers increasingly host, connect, and protect a substantial percentage of financial institutions’ infrastructure, FS-ISAC created the program to foster continuous collaboration and information sharing between its member firms and their providers. This will bolster the industry’s protections and preparedness against sophisticated cyber threats.

According to Teresa Walsh, Global Head of Intelligence of FS-ISAC, as financial services adopt new technologies to evolve the way they operate and serve customers, critical providers have become both an important ally to the industry and a target for cybercriminals

“The Program will ensure our members efficiently receive accurate and timely security information from their critical providers. In the event of a large-scale incident, this will empower our members to act and/or remediate expeditiously, while arming them with the pertinent information to brief key stakeholders,” explained Walsh.

Joining the Critical Providers Program as a founding member is Akamai Technologies. Akamai will help facilitate a two-way dialog with the financial sector about threat intelligence and cybercriminal tactics.

“We are looking forward to sharing what we are seeing from the unique vantage point of our globally distributed edge platform, listening to the members’ experiences, and collaborating on ways to mitigate current and future risks,” said Dr. Boaz Gelbord, Chief Security Officer, Akamai.

During a large-scale cyber incident or threat involving the sector and its critical providers, the Program will leverage FS-ISAC’s dedicated communication channels to expedite the dissemination of accurate information necessary to address the immediate risks and keep the industry safe.