7. Cooperation and danger sharing
I have found that there is not one of our most valuable rescues, it is a community. We actively share indicators of compromise (IOC), phishing lur and suspected behavior with other financial institutions through FS-ISAC. The Intel that we get back have helped us stop many dangers quickly.
We are also engaged directly with Treasury, DHS and FBI. In at least one case, the intelligence shared during a joint simulation helped us capture a possible intrusion before proceeding. We are also contributing to wide public-private initiatives, such as the United Rancemware Task Force, which aims to destroy the ransomware network globally. When the law enforcement is successful, we all benefit, and we support these efforts that we can do in any way.
Build cyber flexibility amidst a ransomware siege
From my perspective, prevention against ransomware in 2025 requires a layered, collaborative approach. We structure our entire strategy around five columns: prevention, detection, including, recovery and cooperation. While the danger actors are more sophisticated than ever, I have never seen the financial sector more integrated, better revived or firm to fight back.
Our goal is not only to avoid ransomware, but to make ransom unnecessary. This means that not only stop the attacks, but also to ensure that our systems can recover, our customers can rely on us and our regulators that we are working with integrity and foresight.
Eventually, ransomware has promoted a strong culture of cyber readiness and cooperation. I have seen that banks learn from painful events, strengthen back and then share their lessons freely with others. I have seen that the executive team takes ownership of cyber security. And I have seen that our region comes together one day, one day, against a normal danger, protects the next defenders.
This article has been published as part of the foundry expert contributor network.
want to join?
