Here’s a quick tip for CISOs and compliance officers in banks, credit unions, investment or wealth management firms who worry about cybersecurity threats that emanate from vendors and third-party apps:
Disconnect from the web.
IT security researchers agree that almost 80 percent of data breaches and malware incidents are web-borne and in some way browser-related. The regular browser has become the main gateway for attacks on the local IT infrastructure of firms (not only) in the financial sector.
Locally installed browsers – including those labeled “secure” by their makers – indiscriminately process all code from the web on the user’s computer or mobile device. The browser opens the door for data exfiltration and for malicious code to infiltrate the corporate network, for example through infected vendor websites or compromised third-party business apps.
The finance sector’