Aaron Miller, Systems Engineering Manager, Palo Alto Networks
Financial organisations hold critical personal, financial and operational information, which has made them particularly attractive targets for cybercriminals. Last year the Financial Conduct Authority reported that UK finance groups were facing huge increases in the number of attacks. While trying to protect this data, internal security and network teams are also coming under increasing pressure to support new technologies in the workplace, enable safe access to customer financial data from myriad entry points, and ensure compliance over financial transactions and sensitive customer data.
To be able to balance these two important issues, deploying a comprehensive cybersecurity strategy throughout the organisation is a must. An effective security architecture requires consistent security rules across the business - from the edge of your network to the core of your data centre.
Different components of an effective security platform arm financial institutions with layered defences to prevent cyberattacks. At the core, preventing attacks must be a priority, whether you’re a bank, asset manager or any other part of the financial ecosystem.
Get to grips with your network
Where does your network end? Given the complex nature of financial institutions, spread across multiple cities, countries or even continents, the task for IT teams can be vast. Consider also that mission-critical traffic from information exchanges can be trying to get in and out quickly, and identifying and blocking attackers is more important than ever.
On the positive side for banks, however, technology such as network segmentation can keep track of who can access what, preventing attacks from exploiting vulnerabilities in one area of your business to get into another: for example, stopping traffic from your retail branches moving sideways into your corporate data centres.
This is the type of attack we’ve seen target banks in the real world, such as the Carbanak malware - an advanced persistent threat (APT).
Get to grips with your technology
There’s been no shortage of innovations for the financial services industry. From mobility to cloud, companies are racing to make the most of the agility, flexibility and scalability on offer. However, security teams have the additional challenge of legacy systems remaining in their network, often in important customer-facing functions such as ATMs. Teams therefore need to consider their full range of technology, from old legacy machines to brand new innovations, and make sure all of it is protected.
Research from PwC found that 42% of asset management CEOs think that cloud computing will be strategically important. However, once your data is in the cloud it definitely isn’t a case of out of sight meaning out of mind. These systems should be considered a critical part of your infrastructure, which you’d protect just as much as if they were sitting in the corner of your office.
While some organisations race ahead with implementing new technologies, others are failing to prevent basic attacks by keeping unprotected technology in their systems. Many ATMs, for example, are based on an underlying Windows XP environment, which Microsoft hasn’t officially supported since 2014. The scale and geographical spread of these devices is a big logistical challenge for banks. Throughout this long replacement cycle, there are solutions which can prevent these endpoints becoming a cybersecurity vulnerability.
Gone are the days when employees accessed networks through one device – the computer on their desk. Each employee having several devices, a laptop, a tablet and a mobile, is a realistic situation. Add to this the devices that are used by several employees, like tablets being used by staff in branch, and you can quickly develop a cyber threat.
Not only is good device management essential here, but strong, consistently enforced security policies are also key to prevention. Teams must be able to monitor who, and what, is accessing a device, how data is being stored and, if your employees use personal devices, how these two worlds are separated. Finally, devices must be equipped with mobile security to prevent and detect vulnerabilities and exploits, and with information on the latest threat intelligence.
Be compliant now
The imminent implementation of the EU General Data Protection Regulation (GDPR), which applies from 25 May 2018, should be nothing new to cybersecurity teams or the financial services industry. The nature of the legislation means that prevention is key to compliance. Getting your systems up to scratch now means that you’ll not only be ahead of the game when it comes into force, but you’ll have a state-of-the-art cybersecurity system and process in place to prevent attacks.
Make prevention your priority
Financial services work in an undeniably complex environment, reliant on sensitive information from across the globe, processing thousands of transactions a day with a vast geographical presence. Stopping attackers from getting into your network is the most effective way to protect your data. IT teams and businesses are under pressure to adapt to and implement the latest technology, which brings operational pressures from across different business functions.
Prevention is key. It’s a tough challenge, but should remain the core focus of your organisation’s security posture.