23 September 2017
Paul Irvine

Cybersecurity in FS

Paul Irvine - Fortinet


The evolution of network security strategies being adopted by the financial services sector.

15 August 2017

The rise in popularity of the Internet of Things (IoT) and a consumer desire to access valuable data on various devices has led to network security becoming increasingly complicated for financial services providers.

As financial institutions transition their network security strategies to meet these consumer demands and grant greater individual access to their networks, they must also be conscious of the ever-evolving threat landscape. The cyberattacks of today are constantly becoming more sophisticated in order to outwit traditional network security measures. In addition, increased access to the network by IoT devices (such as mobile phones and tablets) has resulted in an increase in possible attack vectors. As such, the need for evolved network security is further emphasised by the attention it has garnered from government regulators, who are shining a spotlight on compliance and security at financial institutions of all sizes.

The Challenge

Strong network security revolves around two key factors: speed and service. Network experience is typically judged by how quickly bits of information get from point A to point B, and how quickly applications are able to respond to queries. In finance in particular, rapid communication and effective security are vital, and neither can come at the expense of the other. Furthermore, consumers have come to expect access and the ability to edit information stored within the network through the web. This ability is integral to staying competitive, with more than 60 per cent of financial institutions currently developing cloud strategies as a result.

Network security strategies are having to change and adapt to meet this increase in demand for real-time, on-demand services. Data must now be more secure, travel faster, and be more readily available across devices, all of this in spite of being constantly under attack from sophisticated threats.

Looking ahead, financial services firms will be forced to respond to new attack vectors that threaten their core functions. And as these trends persist, robust network security strategies need to evolve to include the following tactics:

Detection

Adapting to meet these new challenges requires moving away from the traditional tactic of simply focusing your security efforts at your network perimeter; what’s required is something much more comprehensive. Today’s perimeters are becoming more dynamic and increasingly temporary, rendering edge-based protection less and less relevant. What’s more, security professionals have come to understand that it is simply impossible to stop every attack. The reality is, an organisation will be breached, and security needs to be designed with this in mind.

Effective security strategies have had to transition from relying solely on intrusion protection to using intrusion detection as well. Intrusion detection systems operate on the assumption that an attack will breach network perimeter defences. They scan the network for abnormal behaviour to detect live attacks that have evaded the perimeter, reducing the time security teams are kept in the dark. The longer an intruder or malware resides undetected within the network, the higher the probability it will be able to find and steal valuable information. The goal is to detect and mitigate the threat before data loss occurs.

This expansion from perimeter-based protection to include security measures at network segmentation demarcation points, deep in the core of the network, and out to the cloud marks an important strategic shift in network security as financial services firms navigate today’s threat landscape with the digital evolution of the modern workforce.

Response

With intrusion detection systems in place, incident response is the next logical step in ensuring attacks are mitigated quickly and effectively once detected. With today’s new threats, incident response is required to go beyond having a list of procedures to follow in the event of an attack. A response needs to include integrated tools that provide full visibility into the security posture of the network. It should also include automated solutions that are able to identify and respond to the abnormal activity, and the forensic tools to analyse and ensure similar threats are thwarted in the future. Once malware is detected, it’s important to have an integrated security structure in place across your entire extended network to mitigate its impact before it can further compromise your network.

Intelligence

Once a threat has been mitigated, the incident response team needs to assess the threat to ensure that protocols are updated to keep similar threats from being successful in the future. Threat research is just as important as intrusion prevention and incident response. Teams study critical areas such as malware, botnets, and zero-day attacks in order to identify device or network vulnerabilities, uncover weak threat vectors, and create mitigation signatures, putting your organisation on the best possible footing to face down threats in the future. In doing so, the broader network security is hardened, updated with abnormalities to look out for, and enhanced with the tools needed to stop them from causing damage. Solid threat intelligence is key to keeping your network steps ahead of attackers by establishing protocols for both known and unknown vulnerabilities.

Four key changes have made it necessary for financial institutions to re-evaluate their approach to network security: cloud-based infrastructure and services, the rise of IoT, the ever-increasing sophistication of cyberattacks, and stricter government regulations. As the internal network interacts more with the cloud, and attacks become more grandiose, it is inevitable that an attack will successfully breach the network. This is why it is critical that an organisation’s security focus shift, so that once malware has made it into the network, it can be detected and remediation efforts can begin as quickly as possible to ensure the least possible damage and reduce the chance of recurrence.
