By Joseph Neu
What sort of security information and event management tool is covering your treasury management system?
Cyber risk is top of mind for many NeuGroup members this meeting cycle, one reason that our company is trying to quickly scale the learning curve on cybersecurity. Some of the insights from our early gatherings, including the Treasurers’ Group of Mega-Caps (tMega) meeting, can be found here. And that’s just the start.
My general sense is that finance and especially treasury—where money flows in and out of enterprises—could use more specific guidance than is readily available on how to plan and become more cyber-risk resilient. The fastest way to address this is to crowdsource information and guidance from a smart crowd—practitioners who are further up the learning curve than I am.
One specific area of interest is how treasury technology (the other big topic of the moment) can be made more resilient to cyberattacks.
Enter SIEM.This heading, from the book Cybersecurity Program Development for Business by Chris Moschovitis, is appropriate here. The book inspires this question for treasury management system (TMS) providers and the people who implement and support them: How do security information and event management (SIEM) systems cover treasury, including the main TMS, bank portals and all other systems and applications that support the treasury function?
What’s a SIEM?In three decades of connecting and exchanging with treasury professionals, I never recall hearing the term, so it’s worth explaining. Per Mr. Moschovitis, SIEMs ingest all relevant information (logs, threat feeds, etc.), “correlate it, and issue alerts about abnormal events in your environment.” It’s sort of like antivirus software on steroids. The best ones use machine learning and AI to detect cyberattacks and alert you. The more they know about distinguishing legitimate data flows from mischievous or nefarious ones, the more effective they will be.
Has treasury developed a SIEM relationship? To get the most out of a SIEM, Mr. Moschovitis says, “You need to put work into it to get the benefits out of it.” So what role has your treasury played in doing the due diligence to select the right SIEM for your environment? Which ones are good for treasury use cases? Have you been involved in fine-tuning it for treasury’s systems needs?
If you have knowledge and guidance on how SIEMs fit with treasury management systems and other parts of a treasury technology solution, please reach out to me at [email protected] or post comments in the box below. And if you’d like to receive my musings as a weekly email, please click here.