Making Effective Use of Threat Landscape Reports


By Alan Decelis – Head of Supervisory ICT Risk and Cybersecurity, MFSA

At this time of the year, it is common practice for renowned organisations in the cybersecurity and technology fields to issue threat landscape reports with their observations about relevant threats, trends, techniques, actors, incidents, key findings, and mitigating measures. The ENISA Threat Landscape (ETL) report released in October and the Europol Internet Organised Crime Threat Assessment released in November are two very suitable examples. These reports provide an invaluable learning opportunity and financial entities should seek to use them effectively.

This year, we have seen ransomware dominating the threat scene, adding further layers of extortion. We have also experienced emerging threats such as supply-chain attacks, as well as misinformation and disinformation. The circumstances brought about by the COVID-19 pandemic have been factored into cyber attack vectors, but they also gave rise to human errors and system misconfigurations as organisations rushed their technology adoption strategies to sustain their businesses. As money remains the most significant motivator behind cyberattacks, we have seen the crime-as-a-service market proliferate and the hacker-for-hire business model emerge.

Financial entities should develop their own cyber threat intelligence practices, taking into consideration their size, risk profile, reliance on information and communications technology, and the services and products that they provide. The contents of Threat Landscape Reports should then complement the established cyber threat intelligence practices.

Threat Landscape Reports should be used by organisations to ensure that they have good visibility over the threats and that they understand their relevance to their particular businesses. They should help organisations gain more clarity in identifying who the threat actors are, the interest those actors have in their businesses (threat actors can also be inside an organisation), and how those actors could exploit the threats to pose a substantial risk to their businesses. Organisations should assess whether they have mechanisms in place and update them in light of any developments associated with the relevant threats. Intelligence from these sources should feed into the risk management framework, whose processes should also take into consideration information assets, existing controls and vulnerabilities in conjunction with the threats. Organisations should also ensure that their vulnerability management practices are responsive to emerging threats while ensuring that signature-based defence systems continue to be updated. At a tactical level, organisations should engage in exercises such as threat hunting.

The best way for an organisation to assess the effectiveness of its preparedness against relevant threats is through testing. The industry has developed intelligence-led testing or red-teaming methodologies such as TIBER and CBEST. Such testing (advanced digital operational resilience testing) is expected to become mandatory under the Digital Operational Resilience Act, subject to the principle of proportionality. Nevertheless, financial entities engaging security testing service providers need to verify that the testers follow industry-standard methodologies within their testing processes and that they take the relevant threats into consideration.

This news item was originally published by the Malta Financial Services Authority (MFSA MT). For more information, see the Source Link.

Regulator Information

Abbreviation: MFSA
Jurisdiction: Malta
