Alert Logic comment on $1 billion bank hack

February 2015 by Richard Cassidy, technical director EMEA at Alert Logic

Following the news of the Carbanak gang’s $1 billion bank hack, please see below for comments from Richard Cassidy, technical director EMEA at Alert Logic.

“It’s clear that over the past decade spending on I.T and - more specifically - security has been increasing at an exponential rate. We’ve also seen a tectonic shift in mindsets from a security perspective within the finance sector generally; not least because of the proliferation of threats many of which were highly publicised. Overall this means that banks are incorporating security practices at the forefront of I.T spend and looking to adopt better practices through new technologies and services.

Unfortunately given the proliferation of successful attacks across our financial industry, it is clear that further investment is needed or at the least re-focus in how effectively existing budgets are being utilised. The main challenge organisations face today is that hacker cells have become incredibly sophisticated at how they target and infiltrate victims. In many respects the industry is a victim of the rate at which existing technologies have matured, making it extremely hard to infiltrate target networks through legacy channels; gone are the days of old “smash-and-grab” heists – we now face a new age where hackers are having to work much harder and smarter in getting through the front door, taking their time to profile their targets, understanding the weakest links and ultimately focusing on the tried and tested methods of social engineering through targeted spearphishing campaigns and malware embedded in malicious e-mail links or files. All said however, the industry is not doing our finance organisations any favours with code exploits seen at an alarming rate in our most used web based and office applications, many of which are “zero-day” threats that existing point security solutions can be very ineffective alone at detecting.

Financial organisations need to re-focus on how they can monitor their organisation's I.T infrastructure (users and technology) for threat and non-compliance activity, as opposed to spending more on technology itself. Looking to invest in services around security, where data transactions are monitored 24x7 for indicators of compromise or threat and non-compliance activity by organisations whose sole focus is on detecting such activity and who themselves invest heavily in threat intelligence and analytics across the industry as a whole. If partnership with external services based companies is not your “cup-of-tea”, then looking to build out internal security operation centres manned 24x7 with access to real-time threat intelligence has to be an area of focus for I.T spend, however one would question how fast a finance organisation could scale to ensure effectiveness of such a service internally, without the increased risk of further data-loss and/or breaches in the interim. The fact of the challenge is that it’s less about technologies themselves and more about data-analytics of the content those technologies provide in real-time, that is the answer to detecting the new age of “zero-day” threats.

Ultimately if financial organisations continue to lose data or suffer breaches at the rate we are seeing over the past 12 months, then it’s the consumer that will end up paying more. Not least in terms of collateral damage where our personal data is now being sold on the underground markets or released to the public domain, but also in terms of these organisations looking to spend more reactively in trying to protect themselves most likely by continuing spend without a change of I.T Security strategy. We have a lot to learn in the financial sector from each and every breach suffered in the industry – the smart money will be spent on deep analysis of how successful breaches proliferated and understanding the “anatomy of defence” against these attackers, looking to methodologies built around things such as “the kill chain for intrusion detection” and how our own processes and capabilities map, thus revealing our areas of weakness and where focus needs to be applied.”

