With cybersecurity top of mind among regulators, companies need to step up their efforts to contain threats and share information about potential attacks, experts say.

In a speech last week, SEC chair Mary Jo White said that that cyber-attacks represent the “biggest systemic risk” facing the U.S.

Cybersecurity is an examination priority this year with the SEC. The SEC’s Office of Compliance Inspections and Examinations released a risk alert in February that detailed the results of an initial sweep last year of investment advisors and broker-dealers. The examinations focused on how firms identify cybersecurity risks, establish cybersecurity policies, procedures, and oversight processes, and protect their networks and information.

Organizations can share intelligence in multiple ways, one of which is via a managed security service that shares data constantly. If one client gets attacked, the others can then be immunized against that threat. Companies can also share data with the US-CERT and law enforcement when a serious crime is committed. That information then filters out as alerts, according to Bill Sweeney, financial services evangelist at BAE Systems Applied Intelligence.

“One emerging best practice for information sharing includes providing information on all intrusion attempts, even if they were unsuccessful. Information on unsuccessful intrusions is often less sensitive and can be shared more quickly,” said Sweeney. “It is also crucial to know your enemy, and use open, standard data formats and transport protocols to facilitate information sharing.”

For many large-scale cyber-attacks, organizations could only detect them after they happened. In many of these large-scale cyber-attacks, attackers were in the organization’s network for weeks or months. Behavioral analytics – particularly those that understand not only network interactions but the business relevance of those interactions – can help find those movements and patterns that may indicate malicious activity.

“The analytics should be performed in real time to give the organization immediate situational awareness that allows it to take fast action and mitigate any potential risks that arise,” said Stu Bradley, senior business director of security intelligence at SAS.

Behavioral analytics and frameworks like Hadoop can help improve security at a much faster rate, according to Bradley. The speed and complexity of the analytics can be optimized across the real-time, “near-time” and “any-time” continuum for better situational awareness using streaming, in-memory, and high performance analytics.

“Ultimately, big data analytics can help organizations learn more about attackers’ activities than attackers know about organizations’ networks,” Bradley said. “These solutions can provide an essential layer of cyber defense to help organizations see connections that might otherwise be missed by siloed analysis of product log files or partial data analysis.”

Featured image by James Thew/Dollar Photo Club