How to Plan for Withstanding a Cyber Attack on Market Maker Company — Part 1
Today's market volatility creates enormous business opportunities for the finance world, and determined cybercriminals have started to recognize brokers and market maker companies as viable targets. Today we'll take a look at how to withstand an attack by an advanced and determined adversary against a fintech company, and specifically a market maker.
First, our technology infrastructure should be designed to complicate an attacker's lateral movement and to disaggregate cybersecurity and resilience risks across different kinds of workloads. For a fintech company, there would be 3 key security zones:
1. Production (and the related Pre-production).
2. R&D.
3. Corporate (and the related User zone).
Each security zone would get its own:
- Security protocols, including access model and patching timelines;
- Zone/asset owner — who is going to lose their job if this zone gets hacked or improperly managed?
- RPO (recovery point objective) and RTO (recovery time objective), to assist in further planning of fault tolerance, backup and disaster recovery measures.
Second, moving between security zones should require passing a security checkpoint (a so-called security policy enforcement point). These can be M2M (machine-to-machine) checkpoints or user access checkpoints.
We can break access checkpoints down into:
- Security gates that prevent data exfiltration or limit access to those who are authorized.
- Security checks — two-factor authentication (SMS/mobile app), security keys, biometric security keys, etc.
Matching each security zone to an access checkpoint is a unique mix for a specific FinTech company, taking into account which markets it serves (regulated or not), whether it has a payment gateway (from here on we assume it does), and whether it has become a known pot of money (target) for cybercrime or nation-state actors.
Third, making an attacker's life harder means segregating workloads and exposing them only to the minimum required to serve an end user.
Examples of risk disaggregation measures are as follows:
- Front-end and back-end workloads cannot share the same Kubernetes cluster. If a shared cluster fails or is hacked, the entire platform is in trouble.
- Backup and infrastructure management tools (DevOps) have to be kept separate from the workloads they manage;
- Prod and Pre-Prod have to be separate to avoid breaking Prod while performing testing or troubleshooting Production issues;
- A CDN and application load balancing are introduced, and a microservices architecture is employed to benefit from scaling and cloud services where required;
- A multi-cloud approach is in place (for higher-maturity environments), so the organization no longer depends on a sole cloud provider.
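As an added example (not from the original post), the zoning rules and the segregation measures above can be turned into a small inventory audit: every cross-environment flow must pass a checkpoint presenting the required authentication evidence, and the co-location rules (front-end vs. back-end, management tooling vs. managed workloads, prod vs. pre-prod) are checked pairwise per cluster. The environment names, the required factors per environment, and the inventory are my assumptions and constructed sample data.

```python
from collections import namedtuple
from itertools import combinations
# Assumed minimum auth evidence to enter each environment (my assumption, not the post's).
REQUIRED_FACTORS = {"prod": {"security_key"}, "preprod": {"mobile_app"},
                    "rnd": {"mobile_app"}, "corp": set()}
MGMT = {"devops", "backup"}  # roles that must not share a cluster with what they manage
# env: prod|preprod|rnd|corp; cluster: hosting boundary such as a Kubernetes cluster;
# role: frontend|backend|devops|backup|app; checkpoint None = no enforcement point passed.
Workload = namedtuple("Workload", "name env cluster role")
Flow = namedtuple("Flow", "src dst checkpoint factors")

def audit_placement(workloads):
    """Segregation rules, checked on every pair of workloads sharing a cluster."""
    out = []
    for a, b in combinations(workloads, 2):
        if a.cluster != b.cluster:
            continue
        roles, pair = {a.role, b.role}, f"{a.name}/{b.name}"
        if roles == {"frontend", "backend"}:
            out.append(f"{pair}: front-end and back-end share cluster {a.cluster}")
        if roles & MGMT and roles - MGMT:
            out.append(f"{pair}: management tooling co-located with a managed workload")
        if {a.env, b.env} == {"prod", "preprod"}:
            out.append(f"{pair}: prod and pre-prod share cluster {a.cluster}")
    return out

def audit_flows(workloads, flows):
    """Every cross-environment flow must pass a checkpoint presenting the required factors."""
    env = {w.name: w.env for w in workloads}
    out = []
    for f in flows:
        src, dst = env.get(f.src, "corp"), env[f.dst]  # unknown sources are users in corp
        if src == dst:
            continue
        if f.checkpoint is None:
            out.append(f"{f.src}->{f.dst}: crosses {src}->{dst} with no checkpoint")
        elif not REQUIRED_FACTORS[dst] <= f.factors:
            out.append(f"{f.src}->{f.dst}: {f.checkpoint} lacks {sorted(REQUIRED_FACTORS[dst] - f.factors)}")
    return out
# Constructed inventory with deliberate violations of the rules above.
WORKLOADS = [Workload("web", "prod", "k8s-prod-a", "frontend"),
             Workload("matching-engine", "prod", "k8s-prod-a", "backend"),
             Workload("backup-agent", "prod", "k8s-prod-a", "backup"),
             Workload("staging-api", "preprod", "k8s-preprod", "backend"),
             Workload("gitlab", "rnd", "rnd-vm", "app")]
FLOWS = [Flow("alice", "gitlab", "vpn-gw", frozenset({"mobile_app"})),
         Flow("alice", "matching-engine", "prod-bastion", frozenset({"mobile_app"})),
         Flow("gitlab", "staging-api", None, frozenset())]

def findings():
    return audit_placement(WORKLOADS) + audit_flows(WORKLOADS, FLOWS)
```

Run against the sample inventory it reports three co-location violations on the shared prod cluster, one cross-zone flow with no checkpoint, and one bastion that admits a user into prod without the assumed security key.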
That's it for today. In How to Plan for Withstanding a Cyber Attack on Market Maker Company — Part 2 we'll discuss risk control, application security, security operations and business continuity controls for rainy-day scenarios. As for implementing a sustainable cyber resilience framework, the NIST Cybersecurity Framework can help too.