Multilayered Cybersecurity: The Key to Operational Resilience in Modern Business

The Clearing House CISO Says Multilayered Defense Key to Operational Resilience

In today's hyper-connected operating environment, the question is not if a business will face a cyberthreat, but when. "Security events and security alerts are something we deal with every single minute of every day," David Drossman, chief information security officer at The Clearing House (TCH), told PYMNTS for the series, "What's Next in Payments: Protecting the Perimeter." "The key for us is to make sure that none of those events or alerts become incidents or major crises," Drossman said. The imperative for organizations to secure their digital assets has never been greater, with cyberattacks becoming increasingly sophisticated and relentless. This requires planning, preparedness and a clear understanding of how to respond when an alert arises. "First things first, you need to have your incident response planning right," Drossman said, stressing the importance of employing an overarching incident response plan, supplemented by detailed procedures specific to information security. This dual approach ensures that when alerts occur, the organization can respond swiftly and effectively. Still, embracing a zero-day threat behavior frequently requires standing up proactive measures and may require a cultural shift within organizations. The plan should be supported by up-to-date threat intelligence, which can help organizations stay ahead of potential threats. "Ensuring that your systems are getting the data they need to respond and detect threats is crucial," Drossman said, noting that both automated and manual data feeds are necessary. A key concept in modern cybersecurity is "defense in depth," and it is emerging as one of the foundational elements of a robust cybersecurity strategy. As Drossman highlighted, embracing a "defense in depth" strategy involves creating multiple layers of defense to protect an organization's most valuable assets, often referred to as "crown jewels." He described it as building a "labyrinth of control" that can mitigate damage even if one layer fails. Segmentation is critical here, especially in separating employee networks from sensitive areas to minimize the risk of internal breaches. "It's not just having the cyber event, it is how you respond to it ... the truth is, everyone wants a perfect record when it comes to not having cyber incidents, but the most important thing is that when they happen, make sure you are prepared," Drossman said. "That is the key to everything." As technology evolves, so too do the methods and tools used by cybercriminals. Drossman noted that the expansion of cloud services and third-party integrations has altered the security landscape. Emerging technologies like artificial intelligence present both opportunities and challenges. While AI can enhance cybersecurity defenses by automating threat detection and response, it also introduces new risks that must be managed. "We have to be aware of how AI is used within our organization and ensure it doesn't introduce vulnerabilities," Drossman advised, noting that organizations must continuously adapt their security strategies to account for changes, ensuring that new technologies are integrated safely and securely. While technical measures are vital, cultivating a culture of awareness and responsibility among employees is equally important. Gone are the days when information security was the sole domain of a secluded IT team. Drossman advocated for a collaborative approach, integrating cybersecurity efforts across all departments, including business technology, HR and legal. This ensures a cohesive strategy that aligns with the organization's broader goals while maintaining robust security controls. Ensuring that every employee understands that risk management is part of their responsibility is essential. Drossman pointed out that phishing remains a threat, often targeting individuals' emotions or current events. "All it takes is one person to compromise the security of an entire organization," he warned, stressing the role of company culture in standing up a defense capable of detecting and mitigating risks before they can cause harm. Additionally, implementing measures like multifactor authentication (MFA) helps safeguard against unauthorized access, even if credentials are compromised. Ultimately, in an era where the cybersecurity perimeter is increasingly blurred, and threats are constantly evolving, staying ahead of potential risks is more crucial than ever, Drossman said. By fostering a culture of security awareness, using advanced technologies, and maintaining a flexible, adaptive strategy, organizations can safeguard their most valuable assets and ensure long-term resilience in the face of cyberthreats.

Cyberattack Surge Demands Culture of Proactive Security

Death and taxes have long been life's unavoidable realities. Now, add to that list the rising prevalence of cyberattacks -- and the growing imperative for businesses to defend against them, especially in B2B payments. "You're only as secure as your weakest link," Chris Wyatt, chief strategy officer at Finexio, told PYMNTS for the series "What's Next in Payments: Protecting the Perimeter." "And we move money, so we can't have the bad guys finding an easy way in." In today's hyper-connected world, where the lines between digital and physical operations are blurring, safeguarding against cyberthreats has become a cornerstone of business strategy. The stakes are higher, especially for organizations dealing with sensitive financial data and payments, where a breach can lead to financial and reputational damage. The threat landscape demands that business leaders not only react to cyber incidents but also anticipate and prevent them, particularly when it comes to payment processing. "The goal, really, is to mandate proactive risk management," Wyatt said, emphasizing that a forward-looking stance is critical in an industry where even a minor security lapse can have catastrophic consequences. This aligns with Finexio's practice of embedding security into every layer of its platform to eliminate vulnerabilities in payment processing. As Wyatt added, Finexio spent the last 12 to 18 months focusing on strengthening its cybersecurity measures. This effort wasn't just about protecting the company's own operations but also ensuring its partners and customers benefitted from the highest standards of security. "There was a big education component we've had to do with our customers," he said, highlighting the interconnected nature of modern business operations. The focus isn't just on reacting to incidents but on creating an environment where risks are identified and mitigated before they escalate into crises. One of the key areas Finexio has addressed is vendor management, often a weak spot that cybercriminals exploit. Working closely with customers, Finexio has helped them shift the burden of managing sensitive information, such as automated clearing house (ACH) data, onto the company itself. This not only reduces the risk for customers but also ensures that the data is handled with the highest level of security. Building resilience and continuity planning into business operations is also becoming table stakes for today's cyber landscape. Redundancy and resilience are key themes businesses are embracing as they aim to ensure that operations can continue seamlessly, even in the face of unexpected disruptions. This includes building multibank and multipay partner capabilities, as well as replicating environments across different cloud providers to avoid single points of failure. "Unfortunately, things do go down at times," Wyatt said, referencing real-world examples like the CrowdStrike incident that disrupted multiple organizations, including major airlines like Delta. These events serve as reminders that even the most well-prepared companies can fall victim to cyber incidents. The key, Wyatt said, is to have a comprehensive contingency plan in place, one that includes not just technical solutions but also well-documented procedures for dealing with incidents as they arise. Part of the urgency around the cyberthreat landscape is the fact that the threats are growing increasingly sophisticated, scalable and even industrialized as new technologies like artificial intelligence become more accessible. Wyatt said the democratization of technology has made complex tools now available to virtually anyone, making it easier for cybercriminals to carry out attacks. That's why the potential of AI and large language models to transform how companies manage their cybersecurity efforts is becoming so crucial, he said. One of the most promising applications of AI lies in simplifying the often overwhelming task of navigating internal documentation. By using language models, businesses can create a system where employees can quickly find answers to complex questions without sifting through countless documents. This not only saves time but also ensures that employees are following the correct procedures, reducing the risk of human error. As AI and other technologies continue to advance, Wyatt said he believes that businesses will be able to further narrow the "threat window" -- the period during which a system is vulnerable to attack. The key is to use these technologies in a way that simplifies operations rather than adding to the complexity. Wyatt said he sees both cultural and technical changes as essential for staying ahead of the cybersecurity threats. Leadership will continue to play a role, but the involvement of every employee is equally important in scaling the necessary shift from viewing cybersecurity training as a checkbox exercise to making it a core component of the company's operations.