The role of cybersecurity in protecting critical infrastructure in the financial sector

In today’s world,we often take for granted the buildings we visit. We go through the drive-thru ATM lane at the bank, get some cash, and drive on. Little thought is given to the physical structure of that bank branch, the ATM, or the bank’s headquarters. On top of the physical structure, how do you know that using a bank app to deposit a check is secure? And that your money will end up in your account?

For Capitol Tech students studying critical infrastructure, the Critical Infrastructure II course provides important information on how to protect facilities in the financial sector – and the data they process.

The financial sector is one of the sixteen critical infrastructure sectors and is, “a critical component of the nation's infrastructure that holds over $108 trillion in assets, is an increasingly attractive target for cyber-based attacks,” reports the Government Accountability Office (GAO).

One of the concerns the GAO has with regards to the financial sector is the segmentation that may occur. Financial facilities may be receiving cybersecurity guidance from the Department of Homeland Security     while receiving no direction from the Treasury on what they should be prioritizing.

For experts in the field of critical infrastructure, this is an opportunity to fill the gaps by identifying risk mitigation strategies.

Cybersecurity Risk Mitigation Goals for Financial Sector

Cybersecurity and Infrastructure Security Agency (CISA) shared in their Financial Services Sector-Specific Plan that there are four goals for the industry that are intended to help mitigate the risks that face the financial sector, from physical threats such as power outages and natural disasters     to digital threats, like cyber-attacks.

Critical infrastructure experts often take the lead in helping to achieve the goals, which are listed, in summary, below.

• Information Sharing: “Ensuring that information is delivered to those who need it quickly and in a form they can use is critical to any information sharing activity, especially cybersecurity information sharing where incidents can unfold instantaneously.”
• Best Practices: “Financial institutions and government agencies work together to promote the use of common approaches and best practices for enhancing security and resilience to prevent incidents from occurring whenever possible.”
• Incident Response and Recovery: “The sector’s response and recovery processes are regularly exercised not only to test and enhance plans, but also to sustain strong organizational relationships between incident responders. Such exercise efforts directly inform and help to improve the sector’s ability to respond individually and collaboratively to various attack scenarios.”
• Policy Support: “Collaborative efforts to inform public policy processes appropriately provide a means for addressing dynamic risk through voluntary engagement and collaboration in addition to regulation.”

Capitol Tech’s critical infrastructure programs, including courses such as Critical Infrastructure II, with its focus on both the physical and digital ends of infrastructure,produce experts in the field who can contribute to new and ongoing sector goals, provide innovative solutions to problems, and become invaluable members of the industry.

Want to learn about critical infrastructure? Capitol Tech offers bachelor’s, master’s and doctorate degrees in security, intelligence, and critical infrastructure. Many courses are available both on-campus and online. To learn more about Capitol Tech’s degree programs, contact admissions@captechu.edu.