Story image

Why financial services firms shouldn't fear cloud security

21 Aug 2017

Data security concerns may be delaying financial services providers’ move to the cloud, but it’s a fear that is leading to missed opportunities in efficiency gains and cost savings, according to advice from Palo Alto Networks.

If organisations take the right security precautions, there is no reason to avoid the benefits that cloud brings, the company states.

Palo Alto Networks Asia Pacific vice president and regional CISO Sean Duca says that in the recent State of Cybersecurity in Asia Pacific report, 31% of Asia Pacific organisations name cloud migration as one of the biggest issues that financial services organisations face.

“Interestingly, this trend remains roughly similar for companies regardless of market, industry or number of employees. This indicates that, in a world of increased interconnectedness, all businesses worry about the impact their internal shortcomings may have on their external vulnerabilities, and vice versa,” the report says.

Duca explains that the State of Cybersecurity in Asia Pacific report interviewed 500 participants across Australia, China, Hong Kong, India and Singapore.

“The study included over 100 respondents from Australia. While some Australian banks are starting to experiment with moving to the cloud, there are still many who remain apprehensive due to concerns their customers’ data might be compromised,” he says.

The report found that financial organisations across Asia Pacific are also seeing increased budgets for cybersecurity. 72% of surveyed financial organisations reported increased budgets; with India, China, Singapore and Hong Kong leading the way.

Duca believes that data security is important. If it is done right, it won’t be the major fear some organisations believe it could be.

“As cloud adoption grows across the industry, financial services organisations need to put the data being passed to the cloud through the same scrutiny as all other data. Visibility into that data needs to be maintained, and security policies and management must be applied consistently regardless of the location of that data. If they do this effectively, financial services organisations don’t need to fear the cloud,” he explains.

He also says that financial services organisations operate in a highly-regulated environment.

“Any loss of organisational or customer data could have reputational implications and lead to financial penalties. While it’s impossible to prevent every breach, the most important thing is to stop the attacker from achieving their objective and thus prevent material impact on the business.”

In order to properly secure data security, IT teams should keep abreast of the most likely targeted threats, prioritise them in terms of their potential business impact, and then form mitigation strategies to reduce risk and effects of a successful attack.

“Most organizations in the Asia-Pacific region (58%) believe that the “detect and respond” approach to cybersecurity is more important than prevention,” the report says.

The company says that regardless of how data is accessed and shared, it must be secured to protect organisations and customers. Financial services organisations should control network access, segment traffic, and invest in solutions that can help them manage the complex nature of today’s cybersecurity landscape.

Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Tech community rocked by deaths of Atta Elayyan and Syed Jahandad Ali
Both men were among the 50 killed in the shooting in Christchurch last Friday when a gunman opened fire at two mosques.
NZ ISPs block internet footage of Christchurch shootings
2degrees, Spark, Vodafone and Vocus are now blocking any website that shows footage of the mosque shootings.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.