Steve Ryker, VP of Compliance & Risk can’t time travel, but he’s caught a glimpse of the future. Regulators hit the National banks first and Steve’s experienced it firsthand. Regulators are particularly interested in endpoints that connect to your network, many of these representing Blind Spots for most FIs where IT has not traditionally had jurisdiction.
Would you like to schedule time to?
The Risk Today: Each device connected to your network and vendor access remotely or physically onsite may present vulnerability and possible risk of cyberattack. The devices listed below were often considered secondary or low risk and may have been managed differently than other IT managed devices. How these low-risk devices have been managed and protected may have caused a blind spot. Over the last few years, the risk to these secondary devices has increased, and hackers are more frequently targeting these devices. In addition, vendors connect to equipment both remotely and onsite using their own equipment without going through proper modern-day due diligence.
A New Test: In response to this increase in risk, CSG is introducing the Blindspot Risk Report Rating. Like a traditional Cap Risk analysis on the physical branch based on robberies and other criteria in a geographic area, our test takes into account the number of network-connected devices, the number of vendors touching the device, and other measurables to tally potential vulnerabilities and to apply our risk rating.
The Result: The final report includes a numerical score indicating the level of protection for network-connected devices, vendor access, & volume of devices by category per location. The report also provides recommended steps to increase the rating based on findings.