How Advanced Threat Protection Can Help Protect Financial Data
Credit to Author: Brian Forster | Date: Thu, 23 Feb 2017 13:21:15 -0800
Technology integration in the financial services industry has opened opportunities that could only be dreamed of a few decades back. Around the turn of the millennium, we began seeing banks set up websites for internet-based banking, and about a decade later, mobile banking customers began tapping their smartphones to make payments at retail stores.
Inside the walls of financial institutions themselves, employees are leveraging technology such as email and mobile devices to streamline processes and provide a better overall customer experience.
Industry research indicates that this technological evolution, and its related spend, is just hitting its stride: IDC expects IT spending to grow from its current total of nearly $2.4 trillion to more than $2.7 trillion in 2020, led by financial services. Stephen Minton, vice president of Customer Insights and Analysis at IDC, says, "While the consumer and public sectors have dragged on overall IT spending so far in 2016, we see stronger momentum in other key industries including financial services and manufacturing.”
While this growth in technology has enriched the industry, it’s also introduced data risks that many financial organizations are simply not prepared to defend. Since technology is now a part of the financial services industry’s DNA, the threats to its data are larger than ever. With this in mind, financial organizations should look to advanced threat protection (ATP) solutions as a way to keep their data safe.
Here’s how they work:
Prevent
One of the best ways to defend against malware and other prominent threats in the financial services industry is to limit the surface area while controlling access to valuable data up front. Organizations should only grant access to those that truly need it, and be sure to validate any and all devices that are granted network access. Next, advanced threat protection frameworks utilize technologies like anti-phishing, antivirus, and application control to prevent breaches. Antivirus solutions may be the most critical to ATP as it’s common to all components of the framework.
Powerful ATP solutions also feature signature detection technology that can identify mutated variants of traditional signatures to better detect malware. With this capability, they’re able to catch thousands of new variants and stop them in their tracks in real time, whether the threat originates via email, file transfer, or web browsing.
Detect
Gone are the days of predictable attack methods. The cyber criminals targeting the financial services industry today are smart, and they’re finding new and unique ways to get into the financial services network. For this reason, organizations need to have a framework in place that can detect brand new threats and add them to the shared intelligence database.
ATP frameworks typically utilize sandboxing as a way to test unknown items in a secured environment and analyze how they behave. Thanks to this method, IT teams are able to turn previously unknown items into known threats before they become an issue. If an item is deemed to be malicious it is passed along to other parts of the ATP framework, and the resulting threat intelligence is passed along to other products.
Mitigate
After a threat has been identified, it’s important for it to be immediately mitigated. Advanced threat protection solutions can automatically handle threats by sharing intelligence between prevention and detection products. They can also be handled via “assisted mitigation,” which is a combination of technology and people working together as a cohesive unit.
Once malware has been detected, a three-step process comes into play to successfully mitigate:
- Containment: Today’s network “perimeter” is very hard to define because of the cloud and IoT. With an ATP framework, organizations can segment networks based on criteria like user identity, device type, and location. With this strategy, the movement of an attack is limited and the likelihood of it impacting other parts of the network is greatly reduced.
- Analysis: When a breach occurs, the malware needs to be analyzed and added to all systems so it becomes a known entity.
- Memory: After the malware has been added to the systems, it’s then stored and fed back to all other products as a critical update.
Final Thoughts
As cyber criminals continue to identify new attack methods, security solutions will need to adapt accordingly. While this cycle will likely continue for the foreseeable future, ATP solutions can help IT teams come out on top and keep their critical financial data secure.
Let’s get a conversation going on Twitter! How is your organization keeping pace and defending against today’s evolving threats?