Abstract :

The digital infrastructure of any organization, especially in the banking and financial services sector, is a critical component that underpins its operations. Managing the security of this digital landscape is a formidable challenge, given the ever-evolving threat landscape and the myriad entry points that cyber adversaries can exploit. Continuous threat exposure management offers a proactive approach to identifying, assessing, and managing security threats and vulnerabilities within an organization’s IT infrastructure. This review aims to analyze the various benefits associated with continuous threat exposure management, such as proactive risk identification, threat prioritization, and risk resilience strategies. By examining these key areas, this review provides valuable insights into the importance of effectively managing and mitigating threats for the long-term stability and security of financial institutions.

---

Keywords :

Banking, Continuous threat exposure management, CTEM, Cybersecurity, Risk Management

---

References :

1. Al-Alawi AI, Al-Bassam MSA (2020) The significance of cybersecurity system in helping managing risk in banking and financial sector. Journal of Xidian University 14:1523–1536. https://doi.org/10.37896/jxu14.7/174
2. Knowledgehut (2024) Cybersecurity in Banking: Importance, Threats, Challenges. https://www.knowledgehut.com/blog/security/cyber-security-in-banking  Accessed January 20, 2024

3. Federal Bureau of Investigation (2022) Federal Bureau of Investigation Internet Crime Report. https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf Accessed January 20, 2024
4. Epam (2024) The State of Cybersecurity in Banking 2024. https://anywhere.epam.com/business/cyber-security-in-banking Accessed February 10, 2024
5. Yan G (2017) Application of cloud computing in banking: Advantages and challenges. In: 2017 2nd International Conference on Politics, Economics and Law (ICPEL 2017). Atlantis Press, pp 29–32
6. Finextra (2022) Why cloud adoption is on the rise in banking. https://www.finextra.com/blogposting/21824/why-cloud-adoption-is-on-the-rise-in-banking Accessed February 02, 2024
7. McKinsey (2021) Accelerating hybrid-cloud adoption in banking and securities. https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/accelerating-hybrid-cloud-adoption-in-banking-and-securities  Accessed February 02, 2024

8. BCG (2021) Financial Institutions Need to Pursue Their Own Path to the Cloud. https://www.bcg.com/publications/2021/strategies-for-financial-institutions-transitioning-to-the-cloud Accessed February 02, 2024

9. Mordor Intelligence (2024) Cloud Security in Banking Market Size & Share Analysis – Growth Trends & Forecasts (2024 – 2029) https://www.mordorintelligence.com/industry-reports/cloud-security-in-banking-industry Accessed February 02, 2024
10. EC-Council University (2023) The Importance of Cybersecurity in the Financial Industry. https://www.eccu.edu/blog/cybersecurity/why-is-cyber-security-important-in-the-financial-industry/ Accessed February 02, 2024
11. Southern New Hampshire University (2022) What is Cloud Computing?. https://www.snhu.edu/about-us/newsroom/stem/what-is-cloud-computing Accessed January 03, 2024
12. Cheng M, Qu Y, Jiang C, Zhao C (2022) Is cloud computing the digital solution to the future of banking? Journal of Financial stability 63:101073. https://doi.org/10.1016/j.jfs.2022.101073
13. Palos-Sanchez PR, Arenas-Marquez FJ, Aguayo-Camacho M (2017) Cloud computing (SaaS) adoption as a strategic technology: Results of an empirical study. Mobile Information Systems 2017:. https://doi.org/10.1155/2017/2536040
14. Rani D, Ranjan RK (2014) A comparative study of SaaS, PaaS and IaaS in cloud computing. International Journal of Advanced Research in Computer Science and Software Engineering 4:
15. Chuang I-H, Li S-H, Huang K-C, Kuo Y-H (2011) An effective privacy protection scheme for cloud computing. In: 13th International Conference on Advanced Communication Technology (ICACT2011). IEEE, pp 260–265
16. Reflectiz (2023) What is CTEM? A Complete Overview. https://www.reflectiz.com/blog/what-is-ctem/ Accessed February 02, 2024
17. Splunk (2024) Continuous Threat Exposure Management (CTEM). https://www.splunk.com/en_us/blog/learn/continuous-threat-exposure-management-ctem.html Accessed February 02, 2024
18. Gartner (2023) How to Manage Cybersecurity Threats, Not Episodes. https://www.gartner.com/en/articles/how-to-manage-cybersecurity-threats-not-episodes Accessed February 04, 2024
19. Picus Labs (2023) What Is Continuous Threat Exposure Management (CTEM)?. https://www.picussecurity.com/resource/glossary/what-is-continuous-threat-exposure-management-ctem Accessed February 04, 2024

20. CTI Technology What Is A Continuous Threat Exposure Management System?. https://ctinc.com/what-is-a-continuous-threat-exposure-management-system/ Accessed February 04, 2024
21. Firoozi M, Mohsni S (2023) Cybersecurity disclosure in the banking industry: a comparative study. International Journal of Disclosure and Governance 20:451–477. https://doi.org/10.1057/s41310-023-00190-8
22. SentinelOne (2023) Cyber-attacks on Financial Institutions | Why Banks Are Caught in the Crosshairs. https://www.sentinelone.com/blog/a-cyberwar-on-financial-institutions-why-banks-are-caught-in-the-crosshairs/ Accessed February 12, 2024
23. World Ecconomic Forum (2016) Understanding Systemic Cyber Risk. https://www3.weforum.org/docs/White_Paper_GAC_Cyber_Resilience_VERSION_2.pdf Accessed February 10, 2024

24. Gulyás O, Kiss G (2023) Impact of cyber-attacks on the financial institutions. Procedia Computer Science 219:84–90. https://doi.org/10.1016/j.procs.2023.01.267
25. Uddin MH, Ali MH, Hassan MK (2020) Cybersecurity hazards and financial system vulnerability: a synthesis of literature. Risk Management 22:239–309. https://doi.org/10.1057/s41283-020-00063-2
26. Eling M, Wirfs J (2019) What are the actual costs of cyber risk events? European Journal of Operational Research 272:1109–1119. https://doi.org/10.1016/j.ejor.2018.07.021
27. Karabacak B, Tatar Ü (2014) Strategies to Counter Cyberattacks: Cyberthreats and Critical Infrastructure Protection. Critical Infrastructure Protection 116:63
28. FIPS (2006) Minimum security requirements for federal information and information systems. https://csrc.nist.gov/pubs/fips/200/final Accessed February 04, 2024
29. Handfield RB, Bechtel C (2002) The role of trust and relationship structure in improving supply chain responsiveness. Industrial marketing management 31:367–382. https://doi.org/10.1016/S0019-8501(01)00169-9
30. NIST Computer Security Resource Center (2016) NIST Risk Management Framework. https://csrc.nist.gov/Projects/risk-management/about-rmf Accessed February 06, 2024
31. Investopedia (2022) Risk Management Framework (RMF).  https://www.investopedia.com/articles/professionals/021915/risk-management-framework-rmf-overview.asp Accessed February 06, 2024

32. Holzmann L, Huppertz J (2023) The collapse of Silicon Valley Bank–The importance of proactive risk management in order to prevent financial contagion. In: Konference doktorandů. p 70
33. Mizrak F (2023) Integrating cybersecurity risk management into strategic management: a comprehensive literature review. Research Journal of Business and Management 10:98–108. https://doi.org/10.17261/Pressacademia.2023.1807
34. Kedarya T, Elalouf A (2023) Risk management strategies for the banking sector to cope with the emerging challenges. Foresight and STI Governance (Foresight-Russia till No 3/2015) 17:68–76. https://doi.org/10.17323/2500-2597.2023.3.68.76
35. Dawodu SO, Omotosho A, Akindote OJ, et al (2023) Cybersecurity risk assessment in banking: methodologies and best practices. Computer Science & IT Research Journal 4:220–243. https://doi.org/10.51594/csitrj.v4i3.659
36. Stefanini (2023) The Basics Of Continuous Threat Exposure Management (CTEM). https://stefanini.com/en/insights/news/the-basics-of-continuous-threat-exposure-management-ctem Accessed January 20, 2024