Risk Management in Technology (RMiT)
In common with other financial markets around the world, the Bank Negara Malaysia (BNM) has taken a lead in defining a stringent security controls framework for Malaysian financial institutions. Sustained, advanced persistent threat (APT) attacks on the banking industry such as the Carbanak hack shook the banking world. This co-ordinated and sophisticated attack really was a wake-up call to banks that cybercrime was becoming more organized and effective. Carbanak not only resulted in core banking systems being infiltrated allowing fraudulent electronic fund transfers to be used, but ATM systems were also hacked to allow cash to be stolen directly.
The Risk Management in Technology (RMiT) provides clear guidance for minimum expected standards in cyber security and serves to provide a level of confidence within the market, covering everything from the data center to the ATM/SST. The BNM guidelines are detailed in the RMiT BNM/RH/ED 028-98 publication.
Banking and finance is always a high-risk industry with respect to hackers and it is crucial that awareness of threats is always maintained and new technological innovations are being utilized, for example, leveraging One-Time Passwords (OTP) to reduce the opportunity for fraudulent transactions.
Significantly, the RMiT is very clear in placing responsibility at the Board level for an understanding of the ‘financial institution’s risk appetite’ and its ‘corresponding risk tolerances for technology-related events’. Furthermore, it is also a board-level responsibility to ensure ‘effective implementation of a sound and robust technology risk management framework (TRMF) and cyber resilience framework (CRF), for the financial institution to ensure the continuity of operations and delivery of financial services’. In other words, compliance with RMiT is mandatory and everyone is responsible for its delivery.
- October 2019 Internal gap analysis results to be submitted by all financial institutions
- January 1, 2020, RMiT is now effective and compulsory for all organizations
- December 31, 2022, or whenever there is a ‘material change in the data center infrastructure’ External audit required of Data Centre and Network Resilience.
As such, external audits are required regularly and at least every 3 years. But like all cyber security controls, the real need is to operate security best practices continuously and as embedded processes, and with the average time to detect a breach still in excess of 170 days, better detection and evaluation of all change is essential..
The NNT SecureOps™ portfolio is carefully assembled so that, when used in a co-ordinated fashion as part of an overall security controls framework, all key controls are automated and utilized to maximum effect.
NNT SecureOps™ is short for Secure Operations. It includes a combination of the essential, foundational security controls as prescribed by all leading security frameworks such as The CIS and NIST – and of course, RMiT too - with the operational discipline of change management and the innovation of change control, pioneered by NNT.
By ensuring the basic and essential security controls are in place, combined with the ability to validate the safety of all changes, organizations can prevent and protect against cyber-attack while improving IT Service Delivery quality.
The SecureOps™ solution set includes:
- Asset discovery and Inventory
- Secure system configuration for all assets
- Regular vulnerability scanning
- Change monitoring and control
- Whitelist approved File Integrity Monitoring
- Integration with operational Change Management process and systems
- Security Information and Event Log Management (SIEM)
NNT’s Vulnerability Tracker™ identifies known vulnerabilities within software and configuration settings before they can be exploited by a cyber-attack.
- Directly addresses RMiT Appendix 5 and Appendix 2 controls for vulnerability management, penetration testing and validation of web application security.
- Continuously tests and assesses your IT network and any device connected to it against thousands of Network Vulnerability Tests (NVTs).
- Unique, fully meshed, distributed scanning solution providing UNLIMITED scanning, not restricted by device counts. This makes Vulnerability Tracker the most scalable, flexible and cost-effective enterprise-class scanner.
NNT Change Tracker Gen 7 R2 provides fundamental cyber security prevention and detection. It does this by leveraging the required security best practice disciplines of system configuration and integrity assurance combined with the most comprehensive and intelligent change control solution available. Change Tracker from NNT will ensure that your IT systems remain in a known, secure and compliant state at all times.
- Directly addresses RMiT Appendix 5 and Appendix 2 controls for secure configuration hardening, malware protection and change control.
- Provides context-based File Integrity Monitoring and File Whitelisting to assure all change activity is automatically analyzed and validated.
- Certified CIS configuration hardening ensures all systems remain securely configured at all times
- Intelligent change control technology provides unparalleled change noise reduction along with the ultimate reassurance that the changes occurring within your production environment are consistent, safe and as required.
NNT Log Tracker records full audit trails of all user and system activity then correlates events to provide early-warning of hacker behavior.
- Directly addresses RMiT Appendix 5 and Appendix 2 controls for centralized management and alert aggregation.
- Securely protects all logs and audit trails
- Correlates logs from all devices including network devices, Unix and Windows servers, applications and databases, and analyzing them for unusual or suspicious activity
- Pre-built compliance reports and scorecards
- October is National Cyber Security Awareness Month- So Just How Secure is Your Organization?
- Department of Homeland Security’s Cyber Security Still Vulnerable
- File Integrity Monitoring – 3 Reasons Why Your Security is Compromised Without it Part 3
- File Integrity Monitoring - Is FIM Better Than AV? Is a Gun Better Than a Knife?
- All Configuration Management Articles
Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.
Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)
Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.
Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds