Prescriptive Security: vital for handling the increased security complexity at financial institutions in the digital age
The pressure on banks and insurance companies is increasing once again. Digital is opening up new opportunities for cybercriminals and cyberattacks are growing in scale, complexity and frequency. Criminals also engage in everything from money laundering to violating trade embargos, as well as exploiting the complex and unstable world of international regulations to conduct ‘grey zone’ transactions.
Analysts’ rankings that consider security maturity may be affected; in turn, affecting the refinancing condition of a bank and the cost of risk for insurers. As such, cybercrime becomes a positive or negative lever for the core business.
New regulations are also forcing security maturity. These are only adding to the pressure by inflating the cost of managing risk and compliance. But some of financial institutions’ largest threats come from inside their four walls; digital offers disgruntled employees new opportunities for getting rich quick.
Let’s discuss these threats in a little more detail and explore how ‘Prescriptive Security’ can relieve the pressure on financial institutions.
Taking a more proactive approach to security
In the past, security was about searching for a needle in a haystack, where the needle was an isolated intrusion. But attack surfaces have increased, making finding those needles – that increasing number of intrusions – almost impossible.
Banks and insurance companies need to adapt their security strategies in response; they need to detect and neutralize cyberattacks proactively before these reach their goal. To do this, banks and insurance companies must detect weak signals in near real time, which isn’t easy.
Take, for example, the growing number of customers using digital channels to interact with the bank. The number of transactions they’re initiating from mobile devices is increasing, and the volume of data coming from these devices is mounting. So, looking specifically at mobile payments, how do you detect and prevent suspicious mobile payments before they’re even initiated when digital payments have to be processed within milliseconds?
The answer lies in ‘Prescriptive Security’. This proactive approach to security uses big data analytics and automation to detect security events more precisely. Together these technologies detect weak signals and predict risks by rapidly analyzing massive amounts of data – so you can react to suspicious behaviors immediately.
By correlating and analyzing information about a device making a payment and the behavior of its user, Prescriptive Security gives you a more precise view on whether a payment is suspicious and predicts whether it poses a risk. A user in a different location to their mobile device, for instance, might arouse suspicion; as might a jailbroken device or someone using multiple different mobile devices or SIM cards.
Data protection is a key challenge
Data protection is also key to the industry and is being forced by the new European General Data Protection Regulation (GDPR). Data protection requires all information to be correlated so suspicion attempts at accessing information can be detected and eliminated rapidly. This can be achieved with Prescriptive Security.
So, what is GDPR and what impact will it have? By May 2018, financial institutions with operations in the EU Member States will have to have sufficient processes in place to not only give individuals more control of their data but also ensure data always remains protected and report any breaches within 72 hours.
This new EU data protection framework aims to address new challenges brought by the digital age. After all, information is now being shared more widely than ever before. It enforces rules on how organizations collect, process and protect customers’ information.
The cost of non-compliance will be high. Fines could reach up to four percent of an organization’s global annual turnover. If you consider a global bank with revenues of €30 billion, that fine could reach €1.2 billion!
But you now have less than a year to prepare.
Preparing for GDPR
Preparing for GDPR requires considerable planning. The first stage involves assessing your processes and the tools you currently use to give you a clear picture of where you are today in comparison with where you need to be. Once you’ve detected any gaps, you’ll be able to define an action plan.
During this stage, you’ll need to consider where you are in protecting your critical data from both organized cyber criminals and the insider threat. While a cyber criminal may be looking to sell your customer data to the highest bidder, an unhappy employee may be open to exploiting their access to digital information.
Let’s look at HR processes as an example. Do these ensure employees leaving your company relinquish all the information assets they’ve accessed? For this, you’ll need a clear picture of both what data they’ve accessed and where they’ve copied it.
Whereas previously you may have relied on confidentiality agreements and trust to mitigate insider threats, these are no longer enough. With cyber criminals offering insiders millions of Euros, the temptation is now much higher. With GDPR, the cost of a breach rises too.
The second stage focuses on adopting the technologies you’ll need. These fall broadly into three categories: technologies for data loss prevention (DLP), for data encryption and for managing privileged access.
A modern approach to DLP and GDPR harnesses the powers of automation and supercomputing to quickly anticipate potential threats and make changes to stop them in their tracks. Track and trace technologies continuously monitor the actions performed on data while big data correlates information from across a wider variety of inputs, such as threat feeds, network activity and endpoint agents.
Prescriptive Security with its advanced algorithms can quickly identify any suspicious behaviour, triggering remediation actions for eliminating threats without delay. The real-time changes aimed at avoiding breaches might block attempts to take a screenshot of data, to copy data to a removable device or to send it to a Dropbox account, for example.
Optimizing your resources
You can then make use of learning technologies to build a picture of how behaviors are changing over time. This picture will help you accelerate your responses and minimize false positives so your security analysts can then spend their valuable time investigating what happened in the real attacks rather than wasting it on suspicious events that will never lead to a security threat.
There’s also another important aspect to minimizing data risk: limiting individuals’ access to data. By encrypting data, for example within databases, you can minimize the number of people able to abuse that data – both inside and outside of the company. Privileged User Management (PUM) can then be used to provide highly granular access rights only to appropriately authorized personnel. This restriction in access then means fewer resources are required to monitor how individuals are using data.
A new generation of security operations
While we now live in an increasingly real-time and inherently unpredictable world; we also have a greater breadth of information available to us.
Prescriptive Security is vital for financial institutions for addressing the increased security complexity in the digital age. Its big data and automation are critical for the new generation of security operations. These technologies leverage the increasing variety and velocity of information to help you identify and react to threats before they occur. While implementing them may seem daunting, experienced experts are available to help you put them to full use.
Are you ready for the increasing complexity and frequency of security threats along with the data protection required by GDPR – inside as well as out?