Cyberattackers know where the money is. They relentlessly target financial institutions through increasingly sophisticated tactics—hoping to infiltrate systems, leverage Data to their advantage, create chaos and profit. Whether the end game is collecting a ransom, compromising bank accounts or causing business disruption, there is no denying their potential to cause lasting harm.
Regulators worldwide continue to take note, vigorously establishing and enforcing rules as they seek to ensure that banks and other financial institutions remain sound and secure. For one large US financial company, the growing pressure from regulators led their leaders to take a hard look at their organisation’s existing and future cyber Capabilities and ultimately begin charting a new path—one that would provide greater visibility into Data, boost security and improve compliance.
The combination of siloed business, risk and technology functions and interconnected systems created challenges as the company began defining its ambition and pondering a way forward. And while company leaders wanted to improve their incident readiness with a cyber recovery vault, they quickly realised they needed to do more than install the new technology. They needed a business-centric approach to cyber that synchronised a much broader set of Capabilities that ultimately drove their cyber transformation.
Factors in focus
The company had already taken an important step toward greater resilience. It had selected a vendor to provide a cyber recovery vault. Such a vault can protect essential business Services by storing essential backups and business Data in a segregated, secured and immutable form, preserving Data almost as if it were cryogenically frozen. Through this innovative design, malware that makes its way into the vault never has a chance to deliver its payload, thus preserving the environment. By turning to a vault in the wake of a cyberattack, a company can extract, cleanse and recertify any exposed Data and applications before putting them back onto its network.
For the financial institution, the vault needed to do more. Company leaders wanted to get maximum value from the vault. They wanted to ensure that it would support evolving regulatory and Reporting needs and that it would enable future business endeavours. Leaders wanted more than a technological Solutions, they wanted a business-focused Solutions and they enlisted Deloitte’s help to begin crafting that Solutions.
Collaborating with Deloitte, the organisation took a step back to define a more extensive cyber resilience program as part of a broader cyber transformation. Deloitte provided technical oversight for the vault’s requirements, design and architecture. Deloitte also worked closely with the financial institution to develop an operating model and Governance to integrate vault operations with existing IT and cyber operations.
Next, the two organisations began crafting an enterprise-wide cyber incident response plan—one designed to help the organisation quickly investigate and defend against a destructive cyberattack scenario. To make sure company leaders were aligned on challenges, opportunities and outcomes under the programme, Deloitte conducted multiple resilience labs focused on exploring the possibilities, aligning on the priorities, identifying the critical business Services and ultimately selecting the appropriate strategies.
As the pieces of the broader transformation came together, Deloitte worked with the company to test processes for recovering Data from the vault. And the work did not end there. The two organisations established a multi-year integrated programme plan that aligned the financial institution, the technology providers, the regulatory bodies and Deloitte on the path ahead.
Through this broader cyber transformation, the organisation reduced their cyber risk, business risk and regulatory risk, increased visibility into the essential Services, processes, applications, infrastructure and Data and improved its confidence in its ability to recover from destructive cyberattacks.
Improved technologies and controls for responding to and recovering from cyber incidents
Increased business resilience, with accelerated recovery Capabilities
Greater visibility into business-critical Data and processes
Opens in new window
Improved ability to meet regulatory demands
Reduced risk and increased confidence across the enterprise
Opens in new window
How will your organisation respond to and recover from its next potential cyber incident? And how will your organisation transform its cyber Capabilities to help safeguard your business and stakeholders and build trust from end to end?
Opens in new window