DECEMBER 2017CIOAPPLICATIONS.COM94. Detect cyber threats and breaches5. Deploy business continuity policies and technologies to respond and recover from a cyber attack6. Fulfill regulatory reporting requirements in the event of a breachThe DFS left the actual details up to each individual firm's discretion, requiring that a designated CSO/Risk Manager or board sign off on the firm's policy and audit results.Best Practices and BeyondA CSO/CIO's mission in the financial sector is dramatically complicated due to the need to tightly integrate a firm's decision-making systems and private client information with 3rd parties and public databases. While common-sense security practices can mitigate the threat of a security breach, integration with external sources relies on the use of software API's and the vast public internet ­ leaving ample room for a sophisticated attack.To combat this, agencies such as the CIA, NSA, FBI, and DoD physically isolate their networks and network assets, ensuring that the most mission-critical data is never exposed to the public internet and only accessible to those with tightly controlled permission. The air-gap network ensures that advanced signaling attacks that may compromise a desktop have no way of propagating to more sensitive systems as there simply is no route from one network to the other. Further, to protect against internal theft or maleficence, these agencies also filter and sometimes block exposed USB ports on servers and desktop computers to ensure the data integrity is never compromised and never stolen.It's a strategy that financial firms would be wise to follow. Optimizing the Desktop for Efficiency and SecurityThe desktop environment in most financial services facilities is a crowded space. Multiple monitors and systems bring in and display information from different sources that a sales manager or trader needs to make decisions. To address the overcrowding, specialty monitors on the market today allow for a simultaneous display from four separate client machines onto a single large format, 4K display. They specifically address the needs of securities traders and other financial professionals requiring instant views of disparate information sources in order to enhance their decision-making effectiveness and capabilities. In order to combine the keyboard and mouse controls across the four quadrants, however, a KM (Keyboard/Mouse) switch is required. A secure KM switch allows the operator to simply move his mouse from one quadrant to the other, seamlessly switching the mouse and keyboard controls from one PC to the other. In addition, a secure KM switch ensures that each source remains physically and logically isolated, such that none of the multiple sources impacts any of the others. When looking for a secure KM switch, look for ones that are certified against the NIAP Protection Profile 3.0 standards for peripheral switching devices (the NSA's cyber security standard mandated for desktops at most federal and state law enforcement agencies). Enhanced Security, Increased Efficiency With the recent and well-publicized security breaches and new industry regulations, cyber security can no longer be an afterthought at financial firms. A breach can adversely impact an organization's reputation, valuation, and customer confidence. The IT security industry is rapidly innovating to get ahead of threats and help organizations protect their networks without obstructing their ability to conduct modern business. For those organizations that believe absolute protection is a must, a NIAP Protection Profile 3.0 certified KM switch can provide enhanced security against the spread of an attack and employee or contractor maleficence while increasing operator efficiency and effectiveness. A secure KM switch ensures that each source remains physically and logically isolatedFigure 1. Dell P4317Q Quad Display Monitor
< Page 8 | Page 10 >