|
Further to this, on Tuesday this week the Council of Financial Regulators (CFR) released its Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework – click here to access a copy of the 67 page framework.
The most interesting of the exercises is the Threat Intelligence-led Adversary Attack Simulation, otherwise known as the Red Team exercise. Essentially, an independent Red Team Provider or ‘red hat hacker’ simulates a real life attack scenario by using a range of techniques such as phishing, spear phishing, or watering holes etc. to gain access to a FI’s internal network through their staff. Once access is gained, the Provider will attempt to compromise the system, most often by making payments etc.2
As CORIE notes in its introduction: Cyber operational resilience requires that people, processes and information systems adapt to the ever-evolving threat landscape. To maintain the ability of financial institutions to avoid significant financial loss and worst-case scenarios, cyber operational resilience must be proactive and not reactive.4 The results of the exercises will go into a report that will set out the systemic weaknesses in Australian FI’s cyber resilience, and areas that will require improvement. |
Lavan comment |
When it comes to a data breach, time is of the essence. No organisation is free from the risk of an attack - the CORIE framework emphasises that being reactive is no longer enough. |
[1] |
Cyber Operational Resilience Intelligence-led Exercises framework, page 2. |
[2] |
Ibid, page 18. |
[3] |
Ibid, page 4. |
[4] |
Ibid, page 2. |