Sheltered Harbor Continues Expansion to Protect Against Rise of Malware

Oct. 03, 2023

In today’s ransomware-prevalent world, adopting a robust cyber resilience strategy is critical to community banks and any institution in the financial services sector. With traditional backup and recovery systems at risk of compromise in the event of a malware attack on IT systems, ICBA helped found the Sheltered Harbor initiative to protect against cybercrime.

This not-for-profit, industry-developed standard helps protect and recover customer account data if a catastrophic event causes critical systems—including backups—to fail. As the threat of malware grows, Sheltered Harbor has continued to expand in recent years to promote security and public trust in the banking system.

Cyber Resiliency Strategy

To maintain the public’s trust, banks must make customer balance information and access to funds available within 24 hours of a devastating cyberattack.

To achieve this, community banks must operate a robust cyber resiliency strategy, which includes protecting critical assets, segregating customers’ account data, and planning how to respond to a worst-case event. This protocol ensures accounts can be quickly restored within hours of experiencing an extreme cyber, data-corruption, or data-deletion event—allowing depositors to continue to access their accounts while normal operations are reestablished.

The roadmap for how to do this exists and is already being used by hundreds of financial institutions participating in Sheltered Harbor. It includes a set of heavily tested and implemented solutions and certifications.

Sheltered Harbor Data Backup

Regulators across the globe recognize Sheltered Harbor as the financial industry’s standard-setting and certification body for cyber resilience and the long-term health of the financial sector.

To promote public trust and secure customers’ data, Sheltered Harbor utilizes an approach that relies on three pillars:

  1. Data Vaulting - Institutions back up both critical customer account data and their other vital data sets every night in the Sheltered Harbor standard format, either managing their own vault or using their service provider. The data vault is encrypted, unchangeable, completely separated from the institution’s infrastructure, including all backups, and it’s controlled by the financial institution.
  2. Resiliency Planning - Along with vaulting their data, participating organizations simultaneously create a plan to be resilient. Sheltered Harbor has laid out specific playbooks that must be developed and tested before achieving resiliency. This takes time as leadership makes decisions, plans communications, and completes other important steps before a restoration platform is selected. Once the plans are developed and tested, certification is awarded, which leads to the third important pillar in the Sheltered Harbor program.
  3. Certification - Participants adopt a robust set of prescribed safeguards and controls, which are independently audited for compliance every year. For example, once an organization’s data vaulting is certified, the institution will receive a seal communicating its customer data is protected and will be placed on Sheltered Harbor’s Certification Registry.

Sheltered Harbor also provides an ecosystem and community of specialized, trusted partners to help. Those who follow this plan can be confident they will never lose their data, and they will be able to continue to serve their customers after an attack.

Lifeline for Resiliency

Moving quickly after a seismic cyber event is paramount to preserving the public’s confidence in the banking system, and Sheltered Harbor is the lifeline for resiliency. To maintain public confidence, community banks should make Sheltered Harbor certification a priority.

ICBA encourages community bankers to visit the Sheltered Harbor website to start the journey toward cyber resilience certification today.