MSSP SecureCyber is bolstering the security services it delivers to financial organizations by integrating its managed extended detection and response (MXDR) platform with the Financial Services Information Sharing and Analysis Center (FS-ISAC).
The FS-ISAC is a not-for-profit financial industry consortium that includes a threat intelligence platform and a real-time network for sharing that intelligence to drive cybersecurity and resilience in the worldwide financial system.
Integrating with the FS-ISAC will give SecureCyber access to that information to feed it into its MXDR to better protect its financial services clients, according to Shawn Waldman, founder and CEO of the 15-year-old MSSP and one of MSSP Alert’s MSSP 250 companies.
“This is very specific intelligence based on assets connected to the financial industry,” Waldman told MSSP Alert. “We no longer have to manually input or hunt down threats that are specific to this industry. Now we are directly connected to FS-ISAC and using their real-time intelligence combined with our proprietary automation and playbooks.”
An Intelligence Boost for MXDR
Security operations centers (SOCs) use SecureCyber’s MXDR platform to quickly detect and respond to cyberthreats and build resilience of organizations’ infrastructures and financial data. SOCs use the platform to access such services as SecureCyber’s threat database and FortiGuard Labs insights, SIEM and SOAR data, secure email and training, and troubleshooting new devices and applications.
Integrating with FS-ISAC will add automated ingestion of critical threat data, parsing of multiple data feeds to provide a unified view of the threat intelligence, correlation with known malware variants and threat actors to derive insights into emerging threats, and more data to enrich alerts for faster threat identification and prioritization.
Financial Firms Under Fire
In recent years, the financial services industry has seen an increase in both cyber incidents (from 1,829 in 2022 to 3,348 last year) and those with data disclosure (from 477 to 1,115), according to market research firm Statista. In a report in April, the International Monetary Fund (IMF) wrote that “the financial sector is uniquely exposed to cyber risk. Financial firms – given the large amounts of sensitive data and transactions they handle – are often targeted by criminals seeking to steal money or disrupt economic activity.”
SecureCyber’s Walden noted that financial services is one of 16 critical infrastructure sectors listed by CISA, adding that “we must step up the game of protecting our critical infrastructure entities and with this integration with FS-ISAC we can do that in a more automated fashion with specific intelligence pointed at that sector.”
He said the industry overall is well-positioned to protect itself against attacks.
“Threat actors are routinely focused on our US critical infrastructure with a relentless desire to harm us financially and in some cases physically, as we’ve seen with many of the healthcare hospital shutdowns,” the CEO said. “I honestly see the financial sector more proactively tuned to preventing cyber threats and I credit the SEC [Securities and Exchange Commission] and their proactiveness for this. Healthcare has a long way to go.”
Turning to MSSPs
Like organizations in other sectors, those in financial services are leaning on MSSPs and MSPs to help not only keep their infrastructures and data protected but also ensure compliance with the increasing number of regulations that are cropping up.
“Cyber is just entirely too complicated and contains too many moving parts to be effective,” Walden said. “What’s really making things difficult for organizations is everyone wants to do cyber now in the tech space, so it’s getting almost impossible to find the companies that excel at it vs. the providers that want the revenue but might not be qualified to perform the services.”
He also pointed to standards like the Criminal Justice Information Services (CJIS) – part of the FBI that issues security standards for handling and sharing criminal information – and the Defense Department’s Cybersecurity Maturity Model Certification (CMMC) program that is used to ensure that DoD contractors and subcontractors – including MSPs and MSSPs – meet the cybersecurity requirements for protect sensitive and unclassified information.
Such compliance standards “require the services of a managed security provider externally vs. allowing internal teams to perform the work,” he said.
