A 7-Point Checklist for Advisors to Protect Against Cyberattacks

Here's his checklist for how financial companies can protect themselves against cyberattacks and their impacts if their systems are breached:

1. Use software patches when they're sent and develop protocols to insure that employees do this, but first make sure the updates are genuine. These are "foundational elements of cybersecurity," said Chertoff, who noted that companies and individuals could have protected themselves against the WannaCry attack if they had just used the patches sent out by Microsoft in March.
2. Use multiple-factor authentication — the standard now is two. "Dual factor is better than single factor," said Chertoff, but it's not infallible. "Think through what the second factor is." He explained that a German bank was hacked and money transfers authorized when texting was used for the second authentication. He suggested instead a phone call as the second level of verification, whereby the person the financial company is dealing with phones the financial company rep instead of texting him or her.
3. Use behavioral monitoring and pattern tracing because it's not just insiders but outsiders doing the stealing via cyber breaches now. Financial companies should monitor customers' transactional behavior, like credit card companies do with algorithms they develop in order to recognize anomalies, said Chertoff.
4. Use encryption, a critical element to safeguard business data and customer data.
5. Back up data, which will help restore service and records if there's a breach.
6. Have a crisis response plan. Chertoff said the companies need to have designated responders, a Plan B and a method of communications in the case of a breach.
7. Keep in mind that breaches can originate with all kinds of institutions and companies. The 2013 hack of 40 million Target accounts started when the credentials for its network were stolen from a third-party heating and cooling vendor for the company, allowing the thieves to introduce malware.

The October 2016 massive denial of service attack was perpetrated with a special malware known as a botnet that originated not in a group of computers but with thousands of "Internet of Things" devices such as digital cameras and baby monitors. Together they attacked the servers of Dyn, a company that controls much of the internet's domain name system (DNS) infrastructure.

"Everything is now going to be smart and connected," said Chertoff referring to all the devices linked to the Internet including also thermostats and home recording devices. "These things do not have security in mind…Many of them have no provisions for updating passwords or patching. …That becomes not only a problem for your own network … but for everybody else. We need to think about how to build security into that" and integrate it with the rest of security system, said Chertoff.

He ended his presentation with another lurking security threat: cyberwarfare where the financial system could become a key target especially by those actors who don't participate in the global financial system such as North Korea.

— Related on ThinkAdvisor:

• Following WannaCry, SEC Issues Ransomware Alert
• Hacked? Proposed Bill Would Allow Firms to Hack Back
• 3 Emerging Risks Your Clients Aren't Prepared for in 2017
• Trump Issues Executive Order on Cybersecurity
• Fintech Firms Primary Targets for Cybercrime Attacks