Tensions between the U.S. and Iran have soared in the last weeks. Washington and Tehran came close to a direct military conflict last month when the U.S. accused Tehran of orchestrating two attacks on oil tankers in the Persian Gulf region, which Iran denied. Then, after an Iranian missile shot down a U.S. drone, the U.S. ordered reactive airstrikes that were called off at the last minute. Instead, it was widely reported that the U.S. Cyber Command in the Pentagon launched cyber-attacks against the Iranian group that have been planning and orchestrating the tanker attacks in the region.
How do major regulatory frameworks for financial services differ across the world, and how is this changing?
Security testing (including scanning, penetration testing, red teaming, and more), is often seen as a compliance bug bear. However, if your security team wants to provide a level of assurance to the business that if an attack was to take place, you are well placed to both defend and detect it, it is essential that you perform the right kind of testing for your business. In this post, we’ll take a look at the types of testing you should be deploying within your organization by explaining what each type of test does and what it can (and can’t) deliver for you.
We just released our latest edition of PERCEPTION, our cyber threat intelligence briefing for the financial services sector edited by Dr Graham Shaw. This contains informative, relevant and timely information about the cyber threat landscape for financial institutions, current threat actors and recent activities, and is designed to help you address the cyber risks faced by your organization.
Cyber-attacks and the impact they have on organizations are becoming much better understood. However, in facing increasingly sophisticated, targeted and untargeted attacks, the complexity and scale of the threat means that avoiding a cyber-attack is becoming harder for organizations. If a cyber-attack is going to happen at some point, it’s essential that organizations plan for, and prepare to respond to, the inevitable. But this can be easier said than done. What steps do organizations need to take to develop a cyber security strategy that ensures they are prepared?