Further to this, on Tuesday this week the Council of Financial Regulators (CFR) released its Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework – click here to access a copy of the 67 page framework.
The most interesting of the exercises is the Threat Intelligence-led Adversary Attack Simulation, otherwise known as the Red Team exercise. Essentially, an independent Red Team Provider or ‘red hat hacker’ simulates a real life attack scenario by using a range of techniques such as phishing, spear phishing, or watering holes etc. to gain access to a FI’s internal network through their staff. Once access is gained, the Provider will attempt to compromise the system, most often by making payments etc.2
As CORIE notes in its introduction:
Cyber operational resilience requires that people, processes and information systems adapt to the ever-evolving threat landscape. To maintain the ability of financial institutions to avoid significant financial loss and worst-case scenarios, cyber operational resilience must be proactive and not reactive.4
The results of the exercises will go into a report that will set out the systemic weaknesses in Australian FI’s cyber resilience, and areas that will require improvement.
When it comes to a data breach, time is of the essence. No organisation is free from the risk of an attack - the CORIE framework emphasises that being reactive is no longer enough.
Cyber Operational Resilience Intelligence-led Exercises framework, page 2.
Ibid, page 18.
Ibid, page 4.
Ibid, page 2.