According to the FBI, cybercrime reports have quadrupled during the pandemic. Quite often cybersecurity is an afterthought for SMEs that do not have the resources of larger organisations to defend themselves and act once breached.
This is something that Mastercard is seeking to tackle with its newly launched 'Trust Center', which it describes as something to help small businesses defend their business and their reputation, through free online access to trusted cybersecurity research, education, resources and tools.
The cyber and intelligence team from the payments giant has been working with small businesses for years, and the Trust Center is the culmination of such work and partnerships. Each business has unique needs, so the Trust Center provides a tailor-made approach, whether entrepreneurs are starting to learn about cybersecurity, expanding their knowledge or mastering cyber. No matter where they are on their cybersecurity journey, Mastercard says it has the tools and solutions to help.
Cyber risk management in financial services
Elsewhere, with the digitalisation of financial services leading to the risk of cyber and information security attacks growing year on year, the association of operational risk professionals ORX has launched a new service - ORX Cyber - which aims to transform how the industry manages and measures this threat.
Offering a central hub for cyber risk management professionals to collaborate, exchange ideas and learn from each other’s practices, ORX Cyber has been designed to help businesses reduce the impact of Cyber attacks through more effective and efficient risk management. Twenty-two financial services organisations from around the world have already committed to working with ORX on tackling cyber risk, which has featured in the top 2 operational risks in ORX’s emerging risk surveys since 2016.
“Despite the progress the industry has made in this area over the last few years, each institution still manages cyber risk differently," said Steve Bishop, who heads up ORX Cyber. "There is no common language or taxonomy to identify, collate, describe and report cyber risk events within the industry. Organisations are often working in isolation, each with its own definitions and styles of practice. This makes it challenging for organisations to understand their risk exposure and to benchmark with industry peers. It is challenging to collaborate to understand the risk and to identify solutions to improve controls and reduce the risk exposure and ultimately cyber incidents.”
According to ORX, the challenges in managing cyber risk can be summarised as follows:
- Lack of easily available, relevant cyber event data (where an attack has impacted a firm).
- Lack of clarity and consistency in practice.
- Difficulty comparing and benchmarking data and practice.
- Multiple and conflicting industry frameworks and global regulations.
ORX Cyber has been launched in direct response to these challenges and has been created specifically for cyber and information security risk professionals in the second line of defence. ORX Cyber combines loss data exchange with collaboration and research to provide second line practitioners with the insights and information they need to effectively manage and measure this key risk. It is offered via a subscription model, with an introductory offer currently available for members and non-member of ORX.
“ORX Cyber is designed to break down barriers which currently impede effective data collection and benchmarking," adds Bishop. "This ultimately helps the second line to support the business in achieving its strategic goals in a safe and sustainable way, and protects customers, shareholders and reputations from the damaging effects of cyber attacks."
Software for an effective cyber incident response
In addition to knowledge hubs where information and best practices for cyber security can be shared, technology also plays a key role in identifying and reporting cyber threats. In line with this, technology firm Tandem has announced the release of Tandem Incident Management, a software product for creating an incident response plan and tracking incidents as they occur.
“With the current cyber climate, our customers are facing significant operational and reputational risks,” said Brady Cook, General Manager for Tandem. “Our goal with the release of Tandem Incident Management is to give our customers the tools they need to prepare for the inevitable and effectively manage incidents.”
Tandem Incident Management software helps companies be proactive in their cyber resilience strategy. The platform provides features and recommendations based on the National Institute of Standards and Technology (NIST) SP 800-61 Rev. 2, Computer Security Incident Handling Guide. With a straight-forward method for creating a plan to handle incidents, alongside the ability to track response processes when incidents occur through the six stages outlined by NIST, Tandem Incident Management offers an all-in-one incident response solution, designed with security professionals in mind.
Like this item? Get our Weekly Update newsletter. Subscribe today