Article

Rick McElroy
Rick McElroy 21 February 2018

Risk & Response: Defending Financial Institutions

Managing and mitigating cyber risks can not only draw government scrutiny, but consumer scrutiny as well. Longstanding brand reputations are often anchored to institutions’ ability to protect their most sensitive data.

Managing and mitigating cyber risks can not only draw government scrutiny, but consumer scrutiny as well. Longstanding brand reputations are often anchored to institutions’ ability to protect their most sensitive data.

Compared to other industries, financial services is consistently a top target for cyberattacks. With financial motives reigning supreme, it’s unsurprising that financial organisations faced the highest percentage of breaches in the past year. Failing to protect consumers’ data can be a grave violation of trust. In a 2017 Carbon Black survey, 72% of consumers said they would consider leaving their current financial institution if their sensitive information was taken hostage by ransomware.

With international cybersecurity incidents impacting financial entities such as the SEC, Equifax, and Mossack Fonseca, security professionals require maximum visibility into their environments in order to prove to their boards and customers that they have not already been breached.

Too Little, Too Late Attacks that disrupt transactions or damage system integrity, even if no sensitive information is immediately exfiltrated, can result in millions of dollars in lost productivity and the possibility that attackers can implement hidden backdoors for future access. Verizon has found employee notification to be the most common internal discovery method. This points to a fundamental breakdown in financial organisations’ ability to detect malicious activity. Without continuous monitoring capabilities providing comprehensive visibility down to the endpoint, financial institutions are often broadsided by attacks. In an industry where compliance often mandates continuous monitoring, gaps in visibility are simply not an option. Compounding this problem is the rapid shift to a mobile workforce. When an employee mistakenly clicks a link in a phishing email from the perceived safety of a coffee shop, potentially thousands of miles away from the company’s corporate headquarters, what is in place to stop the attack?

The endpoint is the new perimeter. Understanding what’s happening on the endpoint is critical, no matter where in the world the endpoint may be. Most security solutions only selectively collect information about endpoint activity, with little regard for the full context security teams need. Without a clear picture of activity across the enterprise, financial institutions will never be able to fully understand a cyberattack in the context of the complete attack chain to effectively close security gaps and harden their defences for the next one.

Rethinking Your Security Strategy Continuous visibility across an enterprise, scalable threat hunting, and incident response solutions are all key tools for security professionals who are rethinking their strategies. Partial visibility is no longer an option. Many tools selectively record bits of activity at one point-in-time, forcing the onus of correlation on a security team already spread thin triaging a constant barrage of alerts. Full visibility is critical. Utilising advanced threat intelligence feeds (open or proprietary) and custom watchlists, SOCs can automate their detection to catch threats that other solutions often miss. Respondents of a recent SANS survey reported they are using endpoint detection and response to more quickly identify, stop and remediate threats that penetrate the network.

Are you looking for more information on defending financial institutions?

The European Banking Authority guidelines on financial institutions outsourcing to the cloud have recently been published, as of January 2018, and the compliance date is 1st July 2018. Considering these new regulations, including the General Data Protection Regulations (GDPR) which will come to force in May.

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
How to Review a Website — A Guide for Beginners

How to Review a Website — A Guide for Beginners

A company website is crucial for any business's digital marketing strategy. To keep up with the changing trends and customer buying behaviors, it's important to review and make necessary changes regularly...

Digital Doughnut Contributor
Digital Doughnut Contributor 25 March 2024
Read more
The Impact of New Technology on Marketing

The Impact of New Technology on Marketing

Technology has impacted every part of our lives. From household chores to business disciplines and etiquette, there's a gadget or app for it. Marketing has changed dramatically over the years, but what is the...

Alex Lysak
Alex Lysak 3 April 2024
Read more
The IoT-Connected Car of Today—Case Studies

The IoT-Connected Car of Today—Case Studies

Imagine a world where your car not only drives itself, but also says intelligent things. This would look like an impossibility about five years ago, but today the IoT is already breaking fresh ground for tech...

Ronald van Loon
Ronald van Loon 10 March 2017
Read more
10 Factors that Influence Customer Buying Behaviour Online

10 Factors that Influence Customer Buying Behaviour Online

Now is an era where customers take the center stags influencing business strategies across industries. No business can afford to overlook factors that could either break the customer experience or even pose a risk of...

Edward Roesch
Edward Roesch 4 June 2018
Read more
AI-driven Personalisation Dominates the Future of Travel and Hospitality Marketing

AI-driven Personalisation Dominates the Future of Travel and Hospitality Marketing

Travel and hospitality marketing is on the verge of dramatic transformation. Personalisation of marketing communications is moving from dream to necessity, and the change is putting marketers in the driving seat.

Michael Nutley
Michael Nutley 3 December 2024
Read more