Finding #9

Lack of MS365 Cloud Security (e.g., Huntress ITDR)

Priority Level: One    Category: Cybersecurity / Compliance

Description: The bank does not utilize advanced MS365 cloud security tools, such as Huntress ITDR, to detect and respond to suspicious activity (e.g., unauthorized rule creation, enterprise application access). This gap leaves the bank vulnerable to system compromise and undetected malicious activities.

Impact:

  • Increased risk of undetected cyberattacks, leading to data breaches or system compromise.
  • Non-compliance with FFIEC requirements for monitoring and incident detection, risking regulatory penalties.
  • Potential financial and reputational damage from unmitigated security incidents.

FFIEC Reference:

  • FFIEC IT Examination Handbook, Information Security (September 2016):
    • "Institutions should deploy monitoring tools to detect unauthorized access or suspicious activity." (p. 29)
    • "Cloud environments require robust security controls to prevent compromise." (p. 27)

Recommendations:

  • Deploy a cloud security solution like Huntress ITDR to monitor MS365 for suspicious activities.
  • Establish automated alerts and response protocols for potential security incidents.
  • Train IT staff on interpreting and responding to security alerts in the MS365 environment.

Prioritization Rationale:

  • Priority One: These findings address critical cybersecurity and data protection risks with high potential for breaches, data loss, and regulatory penalties. They represent immediate vulnerabilities in cloud and remote access.