Greg Montana | Chief Risk Officer, FIS
August 26, 2019
Given the increase in state-sponsored cyber-attacks on financial institutions worldwide, financial institutions in the United States (U.S.) must prepare for a major data destruction attack that wreaks havoc on the U.S. financial system. As described in Part 1 of this two-part series, most current business continuity and disaster recovery plans do not sufficiently prepare for a disabling cyber-attack that would prevent customers from accessing their accounts for an extended period as most plans do not account for the attacker impacting the backup system as well as production.
Part 2 details how joining Sheltered Harbor can protect the stability of your institution and your customers’ trust.
A series of cybersecurity exercises facilitated by the U.S. Department of the Treasury in 2015 revealed potential vulnerability of the U.S. economy in the event of an increasingly likely major cyber-attack on financial institutions. As a result, Sheltered Harbor – a non-profit industry consortium – was formed and comprised of financial institutions, core service providers, national trade associates and trusted partners that provide solutions to help participants implement the Sheltered Harbor standard. Participants’ companies currently hold 71 percent of U.S. deposit accounts and 55 percent of client assets at U.S. retail brokerage firms.
The goal of Sheltered Harbor is to provide an interim solution that ensures customers have access to their financial accounts in the event of a cyber-attack until their institutions’ failed platforms and systems can be restored. Institutions will stand up a temporary, separate processing platform outside of their compromised system to take its place.
Three core elements demonstrate how Sheltered Harbor works:
As the battleground shifts to cyber-attacks, financial institutions must act to protect themselves and their customers:
Tags: Technology, Risk & Compliance
Let's work together to reach your goals. Contact us at the links below and a representative will be in touch.