Which security system would best suit your company? This is the most frequently asked question by cybersecurity professionals. It is not always an easy answer. This is in line with explanations regarding the fact there are many solutions and their advantages and disadvantages. Cybersecurity professionals find it difficult to believe one solution will work for them. It is essential that they learn all the frameworks and decide which ones are most applicable to them. Confirmation bias is often a problem. The C-Suite is then convinced by the one they choose.
A huge thanks to all the hard work of Central Bank of Egypt (CBE)This makes it much simpler to accomplish a lot. The Egypt Financial Cybersecurity Framework combines many of the most well-respected frameworks and makes them available in one place. CBE gathered the best practices and produced a document for the financial industry. CBE identified potential areas to tailor a cybersecurity structure to Egyptian needs.
CBE Framework graphics give a snapshot of all highlights. These controls can be linked to five functions. This document also includes definitions of roles, responsibilities and team memberships.
This framework provides the base for building cybersecurity capabilities within this vital sector. CBE is now launching a larger-scale initiative in order to create a resilient and secure cybersecurity infrastructure for the financial sector. The framework includes security controls as the first level of compliance. Baselining and hardening involve completing prudent and specific tasks to reduce an organization’s attack surface.
CBE Framework has no impact on existing controls implementation methods. The framework can also be implemented using existing tools.
Tripwire Enterprise Policy Manager proactively hardens systems by assessing configurations against internal and external security standards, benchmarks and industry regulations and continuously assesses changes against security, policy and compliance requirements for “good” vs. “bad” change and “policy drift”.
Tripwire Enterprise Policy Manager provides the largest range of policies and platforms in the sector. It includes all CBE Framework frameworks.
Tripwire Enterprise maps perfectly to the CBE Framework’s requirements and controls.
Identity and Access Management
Identity and Access Management aims to provision or revoke access for users and systems to operate on the organization’s enterprise. IAM serves another purpose. It makes sure core functions can still be done with minimum access.
Privacy and Data Protection
Data Protection and Privacy are about data integrity and privacy. Data protection has the goal to safeguard client data, intellectual property and personally identifiable information. This is true regardless of whether data is owned or used by employees.
App Security
Application Security was created to reduce the risk of software programs that are used in support of business operations. Application Security focuses on safeguarding applications from exploitation by adversaries throughout an application’s life.
Endpoint Security
The objective of Endpoint Security is to protect servers, desktops, and workstations that employees, third parties, and contractors use to connect to the organization’s network. To prevent breaches, endpoint security can use strict standards and technical controls.
- Malware infections
- Command and Control Activities
- Data exfiltration
- Ransomware/Data destruction
- Privilege escalation
- Lateral Movement
Network Security
Network Security concerns the protection of information and data while in transit. This also allows for proper network visibility. Malicious activity can only be corrected by authorized endpoints. Authorized endpoints have limited network access. To prevent these threats, comprehensive network security and technical controls are necessary.
Digital Channels
Digital Channels supports security controls needed to protect against threats to today’s technology and those on the horizon as society shifts towards a digital and largely cashless economy. It is particularly important for the financial industry, as it protects against identity theft and money laundering.
Cloud Security
Cloud Security aims to address unique risks posed by using Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), or Software-as-a-Service (SaaS) cloud computing offerings. Cloud Security addresses the following problems:
- Unauthorized Access
- Privacy
- Lateral movement between and within cloud tenants
- Virtualization vulnerabilities
- Expansive attack surface
Monitoring data integrity
To monitor for any changes to assets, integrity monitoring is necessary. It will enable you to regularly review the files and inform security personnel if any modifications are not authorized. Tripwire has several methods for identifying low-risk or high-risk files. This part is part the priority, prioritizing system that reconciles, reports on and report any changes detected. Auto-promoting changes in the business as usual reduces noise so IT can focus more on investigating security and risk-related changes.
Tripwire used its host-based intrusion detector software to detect changes in files or folders. Tripwire then added File Integrity Monitoring (FIM) to its solution. This allows Tripwire to monitor detailed system integrity including directories, files, registry, configuration parameters, DLLs, and directories. SIEM, an enterprise integration tool that provides intelligence for threat detection, is another option. This tool generates event data that is rich in context and helps to determine what immediate investigations are required. It allows for better alerting workflows, and correlations.
The CBE cybersecurity framework was carefully designed but it would be unrealistic to extend beyond Egypt’s borders. Most countries would not accept this as an authority. We can only wish this trend reverses. However, regardless of this hesitancy of global recognition, it should be added to every cybersecurity professional’s list of reliable guidance.
Click here for more information about Egypt’s financial security framework.
