sb-nz logo
Story image

Financial services cybersecurity pain points security providers must consider

07 Jun 2017

If we were to think about the major technologies driving change in today’s businesses, the four trends we have seen skyrocket over recent years include – the cloud, the Internet of Things (IoT), mobility, and big data analytics.

In fact, a report from Gartner has forecasted that the public cloud services market will continue its rapid growth, expected to grow by 18 percent in 2017 alone. With this in mind, organisations in every sector are being tasked to keep up and this is evident in the financial services sector.

While digital business is simplifying life for the users of financial services, companies are being forced to deal with the impact of these trends on the makeup and footprint of their security solutions.

It is now paramount for financial services organisations to implement an architecture and strategy that has the capacity to support these trends. As a result, today’s financial services organisations are on the hunt for security solutions that address automation, control, consolidation and flexibility.

Here’s why network security providers must consider these four pain points:

Automation

Organisations are always adding, changing and moving devices and users due and although workflows are automatically rerouted between resources in a matter of minutes, this is an area where security struggles with. IT security teams simply can’t keep up with the policy changes that dynamically shifting networks require. This machine vs. human dynamic can lead to gaps in security, as changes that can take seconds or minutes for a network infrastructure could take hours or days for security teams.

Control

The growth of IoT devices now means there is an even larger attack surface for hackers. This incredible growth is a cause for concern for many CIOs, as they often struggle with knowing how and where to deploy security solutions.

Does the network need more endpoint protection? Are the attack threats occurring at the software-defined perimeter? Does traffic need to be segmented internally? What about cloud applications or IaaS? Does my security extend seamlessly to there? These are all questions that are being frequently asked across the industry.

Consolidation

As security devices are deployed into the stack, one of the biggest challenges is simply sorting through all the available data. As new devices are added, so too are additional reporting tools and management consoles, leaving the CIO and their team yearning for a unified view of what’s happening across the network.

Gathering intelligence and thwarting advanced threats in a complex, multi-vendor security environment is often reduced to hand-correlating data and manual threat analysis, paired with some blind luck. For this reason, it’s common for advanced threats to sit inside a compromised network for months before they are detected.

Flexibility

With the cloud comes flexibility and the opportunity for businesses to scale up and down with demand. However, this has pushed the challenge of consistent security beyond the tipping point with organisations now asking ‘do we adopt a public, private, hybrid, or mixed deployment?’ and issues around security play a role in that answer.

This decision is partly determined by the scale of the existing infrastructure but is also a prioritisation of what infrastructure is less critical and can therefore be in the public cloud vs. critical areas that need to be stored in a private cloud. Since cloud and on-premise security solutions rarely meet, organisations must evaluate how comfortable they are with reduced visibility and control over the data that is stored in the public cloud.

With the amount of sensitive financial data that is now hosted in cloud environments, more so than ever, the cloud is an attractive target for hackers.

Since these trends are not likely to change any time soon, organisations need a security architecture that is fast and flexible, has the ability to tie isolated security devices together to provide complete and adaptive security priced to value, and rich in functionality. If the financial services sector wants to defend against today’s advanced threat landscape, they require a scalable and easy-to-manage integrated security approach that a fabric-based framework can provide.

Article by Jon McGettigan, senior director, APAC and the Pacific Islands at Fortinet.

Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More
Story image
Five Eyes nations want legal access to backdoors to fight 'illegal content'
The nations argue that encryption can make the enforcement of public safety difficult, particularly when it comes to serious problems like child exploitation. More
Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
Palo Alto Networks launches new SD-WAN solutions and enhancements
Palo Alto Networks has introduced two new SD-WAN appliances and enhancements to its next-generation SD-WAN solution, expanding the company’s CloudGenix SD-WAN solutions reach.More
Story image
BlackBerry partners with ServiceNow for incident response management
BlackBerry has announced it has entered into a partnership with ServiceNow to integrate the BlackBerry AtHoc service within the Now platform for rapid crisis communications and IT service management. More