Jul 15, 2020 Secret Service Integrates Financial, Cyber Crime Units. Why?
As described in Security Magazine, “In recognition of the growing convergence of cyber and traditional financial crimes, the U.S. Secret Service is formally merging its Electronic Crimes Task Forces (ECTFs) and Financial Crimes Task Forces (FCTFs) into a single unified network, which will be known as the Cyber Fraud Task Forces (CFTFs). The mission of the CFTF is to prevent, detect and mitigate complex cyber-enabled financial crimes, [the Secret Service] said in a press release.”
This is an interesting development for a couple of reasons. First is that the Secret Service acknowledges the need for financial crimes teams and cybersecurity teams to fully understand the environment in which each works. As the SS writes: “In today’s environment, no longer can investigators effectively pursue a financial or cybercrime investigation without understanding both the financial and internet sectors, as well as the technologies and institutions that power each industry.”
In other words, there’s no longer an air gap between financial crimes and “electronic crimes”, e.g. cybercrimes.
In theory, nation-state attackers don’t need the extra funding, since they’re funded by deep-pocketed states. In practice, they select financial targets for reasons of both cyberterrorism and practicality. The goal is to sow cyberterror, but if you can make some money doing it, so much the better.
What does this mean for enterprises? It may seem farfetched for your typical commercial enterprise to take guidance from the Secret Service, but bear with me here: Their logic is sound. Finance and cyber have become so intertwined that you can’t do one without the other. And both are increasingly targets of the most sophisticated attackers in the world.
So enterprise organizations need to think in terms of teaching their cybersecurity teams financial literacy, and their financial teams cybersecurity literacy. While maintaining their separate spheres of subject-matter expertise, each team needs to understand the vulnerabilities and challenges of the other, so they can better join forces to protect the organization.
What about the insider threat risk? Giving a disgruntled finance employee the cyber tools to wreak havoc (or vice versa) may seem like a bad idea. And it is, but only if the organization isn’t explicitly addressing insider threat already. As companies move more towards zero-trust security and deploy tools like behavioral threat analytics, it becomes less and less possible for an insider threat to hide his or her tracks. In short, proper emphasis on insider threat controls should effectively mitigate that risk.
Bottom line: Be like the Secret Service. Your cyber teams should undergo finance bootcamp, and your finance teams should learn their way around cybersecurity. Both sides–and your organization–will be better for it.