3rd Party Risk Management , Artificial Intelligence & Machine Learning , Governance & Risk Management
Financial Sector Security: Critical Assets Must Be Protected
JPMorgan Chase's Matanda Doss on Navigating the Financial Services Threat LandscapeThe financial services threat landscape is continually evolving as attackers become more creative and sophisticated. Matanda Doss, executive director of cybersecurity and technical controls at JPMorgan Chase, pointed out that the SolarWinds attack introduced a software patch as an innovative delivery method in 2020, and today artificial intelligence poses threats through shape-shifting and adaptability in malware.
Today's cybersecurity threats are multifaceted, Doss said, so organizations should prioritize security for essential risks and work outward in concentric rings to provide a robust defense strategy.
"Right at the core, if you said everything is going to go down, and there's only one or two or three things we can do to keep the company alive until we can fully recover, that's where your critical assets lie," Doss said. "If you're in the business where you have lots of patents and secret technology that gives you a competitive advantage, that's different than the systems that it would take to keep your company's heartbeat alive. And so you have to balance those two and protect them appropriately."
In this video interview with Information Security Media Group at ISMG's Financial Services Summit 2023, Doss also discussed:
- The importance of embedding security into the infrastructure from the onset;
- The evolution of human threats in critical infrastructure;
- How organizations can identify their critical assets.
Doss has 25 years of technology experience across software development, e-commerce, mobile applications, data security and financial systems. He serves as an information security manager and is responsible for a team of information security professionals, overseeing internal cybersecurity, risk and controls for the commercial bank. Doss is a member of the CyberEdBoard.