The cybersecurity industry, especially the banking sector, is an ever-evolving field and is constantly being challenged by new threats and technologies.
In an exclusive interview, Augustin Kurian, editor-in-chief of The Cyber Express, said: roman medinaThe Senior Vice President and Chief Information Security Officer (CISO) at Jefferson Bank takes a deep dive into these challenges and the strategies employed to combat them.
Mr. Medina’s tenure at Jefferson Bank, which began in 2014, coincided with a period of significant technological advancement and increased cyber threats, providing insight into changes and adaptations to the bank’s security strategy over the years. We are in the perfect position.
Looking to 2024
Roman Medina expects a continued focus on specific cybersecurity threats, particularly social engineering and impersonation attacks. These techniques exploit human psychology rather than technical vulnerabilities and have proven highly effective for cybercriminals.
Medina’s insights point to a growing trend in which fraudsters, aware of financial institutions’ tightened security measures, are increasingly targeting bank customers directly.
The methods include sophisticated tactics such as fake SMS messages and fraudulent phone calls designed to trick customers into divulging sensitive information or clicking malicious links.
These attacks are particularly difficult to combat because they bypass traditional security measures such as firewalls and antivirus software by directly targeting end users.
Medina emphasizes that combating these threats is not just technological. You should also focus on customer education and awareness.
Customers need to be informed about the types of attacks they may encounter, how to recognize them, and the appropriate actions to take in response. This approach is critical to building a first line of defense against social engineering tactics.
The rise in these threats signals a changing threat landscape for the banking sector. As banks strengthen their digital defenses, cybercriminals are adapting by discovering new vulnerabilities, often in the form of human error or oversight. This cat-and-mouse game between security experts and fraudsters is likely to intensify as both sides continue to evolve their tactics.
Strategies against fraud and attacks
Roman Medina emphasizes the importance of a multifaceted strategy that goes beyond traditional security measures in the fight against fraud and cyberattacks. Central to this approach is customer education and awareness.
Fraudsters are directly targeting banking customers, so understanding and being aware of potential threats is critical to preventing fraud before it happens. Medina emphasizes the role of educating customers about typical scams, such as fraudulent SMS and phone calls, and coaching them on how to respond to such situations. This proactive approach to customer education forms a key element of the bank’s defense strategy.
Medina also discusses the need to adapt and strengthen technical defenses against advanced attacks, especially those that target multi-factor authentication systems.
Reflecting our understanding that the technology and tactics used by cybercriminals are constantly evolving, Jefferson Bank is seeking additional ways to strengthen our defenses against such threats.
Another significant concern highlighted by Medina is the persistent threat of ransomware. Financial institutions continue to be prime targets for ransomware attacks and require robust backup systems and incident response plans.
However, Medina notes that ransomware tactics are changing, with cybercriminals increasingly relying on extortion. This change means that simply having good backups is not enough. Banks must also prepare for a scenario where sensitive information may be compromised unless a ransom is paid.
Medina’s insights on combating fraud and attacks demonstrate the need for a dynamic and evolving cybersecurity strategy in the banking sector. This includes not only keeping up with technological advances, but also making sure you are ready to play a role in keeping your customers well-informed and preventing fraud.
Threat intelligence and risk mitigation
Roman Medina highlights the importance of threat intelligence in Jefferson Bank’s cybersecurity framework. The bank’s approach to threat intelligence began about four years ago and has continued to evolve since then. The main focus of their strategy is proactiveness, being proactive rather than simply reacting to potential threats.
This includes monitoring for brand impersonation and spoofed websites and taking steps to mitigate these threats, including removing malicious sites and informing both customers and employees of potential risks. This includes taking immediate action.
Another important aspect of their threat intelligence strategy is monitoring the dark web for signs that the bank or its customers’ data may be compromised. For example, if a bank-related email is found on the dark web, take proactive steps to ensure that potentially compromised credentials are not used within the bank’s network. This approach also applies to educating employees on good password security practices.
Approaching legacy systems and BYOD policies
Roman Medina works on two important aspects of cybersecurity in the banking sector: legacy systems management and Bring Your Own Device (BYOD) policies. He recognizes the challenges posed by legacy systems, which often become weaker over time.
Medina emphasizes the importance of having a clear plan to address these systems through upgrades or migration to newer, more secure platforms. Where legacy systems are unavoidable, Jefferson Bank has implemented stringent security measures, including increased monitoring and limited access, to reduce potential risks.
An interesting approach taken by the bank is to turn off legacy systems when they are not normally used and turn them on only when needed. This strategy greatly reduces the exposure of these systems to potential cyber threats. Medina’s treatment of legacy systems demonstrates a pragmatic approach that balances the need to maintain certain outdated systems with the need to ensure robust security.
Choosing a cybersecurity tool
In discussing cybersecurity tool selection, Roman Medina sheds light on the complex process behind choosing the right solution for Jefferson Bank. He explains that there is no one-size-fits-all checklist for selecting these tools. Instead, the process is highly tailored to the bank’s specific needs and objectives.
An important criterion in the selection process is compatibility with existing security architectures. Medina emphasizes the importance of seamlessly integrating new tools into a bank’s existing security ecosystem. This includes compatibility with single sign-on and multi-factor authentication systems, especially since many of the bank’s solutions are cloud-based.
Another important factor is the cloud hosting provider’s security posture. This is assessed through business continuity plans, disaster recovery capabilities, and independent security audits. Medina places particular emphasis on Service Organization Control (SOC) reporting, which provides detailed insight into a provider’s security controls and practices.
Additionally, Medina emphasizes the importance of actionable alerts in cybersecurity tools. The bank wants a solution that not only detects threats, but also provides clear, actionable intelligence to respond effectively. This approach reflects a proactive stance in the following areas: cyber securityfocuses on tools that not only issue warnings but also guide response teams to mitigate threats.
The rise of AI in cybersecurity
The integration of artificial intelligence (AI) in cybersecurity is a topic of particular interest to Roman Medina. He acknowledges the growing presence of AI in various cybersecurity applications and the potential benefits it can bring. Medina points to his two key areas where AI is playing its role in the banking industry: increasing employee productivity and incorporating into cybersecurity solutions.
Medina mentions AI tools like ChatGPT that bankers are using to assist with various aspects of their operations. This use of AI reflects a broader trend in the industry where AI is increasingly seen as a tool to augment human capabilities and improve efficiency and accuracy. However, Medina also emphasizes the need for a careful approach to ensure these AI tools are used responsibly and consistent with the bank’s security policies.
On the cybersecurity side, Medina notes that many security solutions are starting to include AI modules or frameworks. This trend is changing the way cybersecurity is approached, with AI providing more advanced and automated threat detection and response capabilities.
However, it highlights the importance of understanding how these AI models work, especially from a learning and data privacy perspective. Medina’s approach to AI in cybersecurity is permissive and cautious, recognizing the potential of AI but keenly aware of the need to maintain control and oversight over these powerful tools.
In conclusion, this interview with Roman Medina provides valuable lessons and guidance for cybersecurity professionals and banking industry stakeholders. This highlights that resilience, adaptability and proactive strategies are essential in protecting the financial sector from the ever-evolving cyber threat landscape.