Citizens Bank CISO Emphasizes Importance of Cyber Resilience in Banking
In a recent interview with Help Net Security, Matthew Darlage, the Chief Information Security Officer at Citizens Bank, delved into the key strategies for bolstering cyber resilience within the banking sector. Darlage underscored the crucial role of frameworks like NIST in driving continuous improvement and highlighted the significance of implementing data protection measures to safeguard bank operations. Additionally, he stressed the need for robust third-party risk management practices and flexible security protocols to enhance overall resilience.
One of the core pillars of an effective cyber resilience strategy, according to Darlage, is a strong foundation built on traditional GRC programs, sound risk management practices, fault-tolerant security infrastructure, and robust incident response capabilities. He also emphasized the importance of regularly testing disaster recovery and resilience plans, implementing strong vulnerability management practices, conducting awareness and training campaigns, and maintaining a comprehensive third-party risk management program. Furthermore, Darlage highlighted the critical role of identity and access management (IAM) in fortifying access controls and supporting modernized identity practices to ensure a securely enabled workforce and customer experience.
In the realm of global regulatory frameworks, Darlage discussed the significant influence of frameworks like the NIST Cybersecurity Framework on shaping banks’ approach to resilience. He pointed out that these frameworks advocate for a continuous improvement strategy in IT security, prompting organizations to assess their security posture regularly, identify gaps, and implement measures to enhance their cyber resilience. By providing a standardized language and execution template, these frameworks aid organizations in bolstering their cybersecurity programs and overall resilience.
When it comes to responding to cyber incidents, Darlage cautioned against common pitfalls such as assuming all organizational platforms operate as expected, neglecting to update incident response playbooks, and underestimating the importance of recruiting top talent. Effective communication plans, adaptability, and strong connectivity to the core functions of the organization were highlighted as key areas where banks often falter in incident response. Additionally, Darlage stressed the criticality of thorough governance and proactive management of third-party risks, particularly in mitigating vulnerabilities and the expansion of the attack surface that third parties introduce.
Given the growing reliance on third-party vendors, Darlage emphasized the need for banks to prioritize continuous monitoring and improvement to mitigate supply chain cyber threats. Contractual safeguards, due diligence, security reviews tailored to risk levels, and a joint understanding of core pillars such as data protection and risk management were identified as crucial strategies for resilience against supply chain risks. By viewing vendors as extensions of their network and ensuring heightened awareness and governance, banks can better safeguard against potential cyber threats originating from the supply chain.
In his closing recommendation to banking executives on cyber resilience, Darlage urged leaders to prioritize data protection as a core mission. Emphasizing the criticality of safeguarding the organization’s most valuable asset, data, Darlage underscored the importance of implementing robust data protection measures across the entire data lifecycle. He emphasized that cybersecurity should be perceived as a strategic investment in the company’s future success, enabling security measures to serve as enablers rather than obstacles in the ever-evolving technology landscape of the banking industry.