
BofA and AMEX Breaches Reinforce the Importance of Attack Surface Monitoring in Vendor Risk Management

The recent third-party breaches involving Bank of America and American Express highlight a disturbing trend: even the most sophisticated and regulated companies in the financial services sector are susceptible to significant cybersecurity threats. Financial institutions are desirable targets for cybercriminals due to the vast amounts of sensitive and valuable personal information they manage. These breaches expose customer data, significantly erode trust, and can lead to substantial financial losses and regulatory scrutiny.

We’ll review the Bank of America and American Express breaches and dive into vendor risk management best practices and how companies can leverage the latest technology to take a more proactive approach to managing vendor risk.

Understanding the Breaches: Bank of America and American Express

Bank of America: The breach at Bank of America was traced back to a cyberattack on Infosys McCamish Systems, an Infosys subsidiary, which occurred in November 2023. This incident led to the unauthorized disclosure of personal information including social security numbers, addresses, and financial details of over 57,000 individuals. This breach was part of a larger ransomware attack by the LockBit gang, which highlights the evolving sophistication and persistence of cybercriminal threats.

American Express: While details are less specific for the American Express incident, it involved a third-party service provider that supports the travel services division, resulting in the exposure of customer information. Such breaches accentuate the vulnerabilities inherent in vendor relationships, which can become gateways to highly sensitive data.

How Attack Surface Monitoring Can be Used to Protect Against Third-Party Breaches

As a follow-up to the Bank of America breach, we analyzed the security hygiene of Infosys to see if there were any identifiable weaknesses that could have been exploited by hackers. To do this, we used our ThreatScape module, an attack surface monitoring tool that uses publicly available information to analyze the strength of an organization’s information security program. ThreatScape accomplishes this by inventorying and monitoring an organization’s internet-facing attack surface, which can expose weaknesses in a company’s security posture.

When examining Infosys’ security hygiene, we identified several significant and preventable weaknesses that bad actors could have exploited: DNS configuration issues, deprecated encryption in use, and deprecated software in use. These issues point to an information security program that is vulnerable to attack.

Using continuous monitoring tools like ThreatScape enables organizations to hold their vendors accountable by highlighting risks so that they can be remediated before they are exploited by hackers. These are weaknesses that point-in-time risk assessments are unlikely to identify, and finding them is critical to effectively managing vendor risk and protecting against third-party breaches.

Proactive Measures in Vendor Risk Management

The traditional approach of periodic risk assessments is proving insufficient in the face of dynamic and continuously evolving cyber threats. Today’s threat landscape demands that companies, especially those in industries with sensitive data that are attractive targets for cybercriminals, adopt a more robust and proactive approach to vendor risk management.

Continuous Monitoring

Continuous monitoring is essential for maintaining an up-to-date understanding of vendor risk exposure. It allows companies to detect and respond to vulnerabilities and threats in real time, rather than relying on outdated information that may not reflect current risks. ThreatScape can also be used to verify the accuracy of risk assessment responses. For example, it is unlikely that Infosys would have stated in an assessment that they had deprecated encryption in use, yet that is what the external attack surface showed. Continuous monitoring is therefore a strong mechanism for verifying vendor risk in real time.
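The following is an added example, not ThreatScape or any other ProcessBolt code. It shows the kind of checks an attack surface monitor runs over externally observable data for the three weakness classes named in the previous section (DNS configuration, deprecated encryption, deprecated software), and then cross-checks the resulting findings against a vendor's questionnaire answers, as this section describes. Every hostname, TXT record, server banner, scan date, EOL date and questionnaire item below is constructed for illustration; the EOL table in particular should be replaced with dates taken from the product vendors' lifecycle pages.

```python
"""Attack surface checks over constructed scan observations, then
reconciliation of the findings against questionnaire attestations.
Added example; not ProcessBolt/ThreatScape code. All inputs are constructed."""
from dataclasses import dataclass
from datetime import date

# Constructed observations for a hypothetical vendor domain "vendor.example".
OBSERVATIONS = [
    {"host": "www.vendor.example",
     "tls_versions": ["TLSv1.0", "TLSv1.2"],
     "ciphers": ["ECDHE-RSA-AES128-GCM-SHA256", "DES-CBC3-SHA"],
     "server": "Apache/2.2.15 (CentOS)"},
    {"host": "api.vendor.example",
     "tls_versions": ["TLSv1.2", "TLSv1.3"],
     "ciphers": ["ECDHE-RSA-AES256-GCM-SHA384"],
     "server": "nginx"},
]
# Constructed DNS TXT answers, keyed by the name that was queried.
DNS_TXT = {
    "vendor.example": ["v=spf1 include:_spf.mail.example +all"],
    "_dmarc.vendor.example": ["v=DMARC1; p=none; rua=mailto:dmarc@vendor.example"],
}

DEPRECATED_TLS = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}       # TLS 1.0/1.1 deprecated by RFC 8996
WEAK_CIPHER_MARKERS = ("RC4", "DES", "NULL", "EXPORT", "MD5")   # "DES" also catches 3DES suites
# Illustrative EOL table (banner prefix -> end of support); verify against vendor lifecycle pages.
EOL_SOFTWARE = {"Apache/2.2": date(2017, 7, 11),
                "OpenSSL/1.0.2": date(2019, 12, 31),
                "PHP/5.6": date(2018, 12, 31)}


@dataclass
class Finding:
    category: str   # deprecated_tls | weak_cipher | eol_software | spf | dmarc
    asset: str
    detail: str


def parse_tag_record(record: str) -> dict:
    """Parse a 'tag=value; tag=value' record such as DMARC into a dict."""
    out = {}
    for part in record.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            out[k.strip().lower()] = v.strip()
    return out


def check_host(obs: dict, today: date = date(2024, 3, 1)) -> list:
    """Encryption and software checks for one host; 'today' is the constructed scan date."""
    findings = []
    for v in obs["tls_versions"]:
        if v in DEPRECATED_TLS:
            findings.append(Finding("deprecated_tls", obs["host"], v))
    for c in obs["ciphers"]:
        if any(m in c.upper() for m in WEAK_CIPHER_MARKERS):
            findings.append(Finding("weak_cipher", obs["host"], c))
    for prefix, eol in EOL_SOFTWARE.items():
        if obs.get("server", "").startswith(prefix) and eol < today:
            findings.append(Finding("eol_software", obs["host"], f"{obs['server']} (EOL {eol})"))
    return findings


def check_mail_dns(domain: str, txt: dict) -> list:
    """DNS configuration checks: SPF and DMARC for the apex domain."""
    findings = []
    spf = [r for r in txt.get(domain, []) if r.lower().startswith("v=spf1")]
    if not spf:
        findings.append(Finding("spf", domain, "no SPF record"))
    elif any(t in ("+all", "all") for t in spf[0].split()):   # bare 'all' means '+all'
        findings.append(Finding("spf", domain, "SPF ends in +all (any sender passes)"))
    dmarc = [r for r in txt.get(f"_dmarc.{domain}", []) if r.upper().startswith("V=DMARC1")]
    if not dmarc:
        findings.append(Finding("dmarc", domain, "no DMARC record"))
    elif parse_tag_record(dmarc[0]).get("p", "none") == "none":
        findings.append(Finding("dmarc", domain, "DMARC policy p=none (monitor only)"))
    return findings


def run_scan(observations=OBSERVATIONS, txt=DNS_TXT, domain="vendor.example") -> list:
    findings = [f for obs in observations for f in check_host(obs)]
    return findings + check_mail_dns(domain, txt)


# Constructed questionnaire answers; 'covers' names the finding category that would contradict a "Yes".
ATTESTATIONS = [
    {"question": "All internet-facing services accept only TLS 1.2 or higher", "answer": "Yes", "covers": "deprecated_tls"},
    {"question": "No end-of-life software is exposed to the internet", "answer": "Yes", "covers": "eol_software"},
    {"question": "DMARC is enforced (p=quarantine or p=reject)", "answer": "No", "covers": "dmarc"},
]


def reconcile(attestations: list, findings: list) -> list:
    """Return the questions answered 'Yes' that the observed attack surface contradicts."""
    observed = {f.category for f in findings}
    return [a["question"] for a in attestations if a["answer"] == "Yes" and a["covers"] in observed]


if __name__ == "__main__":
    results = run_scan()
    for f in results:
        print(f"[{f.category}] {f.asset}: {f.detail}")
    print("Contradicted attestations:", reconcile(ATTESTATIONS, results))
```

On the constructed data the scan yields five findings (TLS 1.0 and a 3DES suite on www, an end-of-life Apache banner, SPF ending in +all, DMARC at p=none) and flags the two "Yes" answers that the observations contradict; the DMARC answer is honest and is left alone. In a real deployment the observations would come from a TLS scanner and DNS resolver rather than inline literals, and the attestation-to-category mapping would be maintained per questionnaire.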

Artificial Intelligence

A big limitation of risk assessments is that they rely on vendor attestation, and it can be challenging to verify the accuracy of assessment responses. In addition to using attack surface monitoring tools like ThreatScape, AI can play a critical role in verifying the accuracy of assessment responses. With ProcessBolt, customers can leverage AI to extract intelligence from vendor corporate documentation and verify that assessment responses are consistent with that documentation.

How ProcessBolt Can Help

We offer a fully integrated vendor risk management platform that uses AI to help organizations assess and continuously monitor their vendor networks. ProcessBolt’s ability to leverage AI and attack surface monitoring to verify vendor risk in real time can help your organization identify and remediate risks before they are exploited. Get in touch today to learn how we can help you improve your vendor risk management program.