Three Key Security Considerations for Financial Services Firms

Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Finance

Published by Gbaf News

Posted on August 16, 2012

Featured image for article about Finance

-By Leon Ward, Field Product Manager of IT security specialists Sourcefire UK.

(In this article, Leon explains what should be the top three IT security considerations for financial services and offers advice on how the financial sector can stay protected.)

It was announced towards the end of last year that a new police Cyber Crime Unit is to be set up to protect Britain against the growing threat of attacks on the internet and in electronic communications. The new team will be in place by 2013 and forms part of a £650 million Government drive to tackle what the Government says is a real and growing threat to the UK’s national interests from cyber attacks by organised criminals, terrorists, hostile states and ‘hacktivists’. Leon Ward

The government has estimated that cyber crime costs the UK a whopping £27 billion per year. In the financial sector, cyber crime continues to increase and is a major cause of losses, ahead of accounting fraud, bribery, corruption and money laundering.

According to a recent global report by PwC, cyber crime is the second most commonly reported economic crime affecting financial services firms. Of the 3,877 business surveyed across 78 countries, cyber crime accounted for 38 percent of criminal incidents for financial companies compared with only 16 percent in other businesses.

Account takeovers, third-party payment processor breaches, securities and market trading exploitation and mobile banking schemes are just a few of the types of damaging cyber criminal exploits. With an established underground economy servicing the needs of the market for stolen and compromised data, financial organisations need to protect their critical infrastructures as cyber threats become increasingly sophisticated and wide ranging.

Delivering adaptive and flexible security to aid compliance monitoring and control is a must. In order to secure data and assets and manage and minimise network security risks, financial services firms should be looking to implement technologies based on three key considerations:

Agility – Traditional security tools were designed for stable, slow changing environments. They weren’t built to deal with today’s ever-changing conditions and new attacks. In order to be agile, modern security technologies must be able to do four things: see everything in the environment including assets and users on the network and attacks against them, learn by applying security intelligence to this data, adapt defenses automatically and act in real time for the fastest possible protection. Through a continuous process of see, learn, adapt and act, security technologies that are agile can deliver more effective protection for financial services firms because they have the ability to respond to continuous change.

High Performance – Performance is critical to financial services networks. Security appliances that include specialised acceleration technology to speed flow and packet handling as well as multiple processors to expedite acquisition and classification of network traffic and application and control plane processing offer the massively parallel processing power to handle demanding throughput requirements. To be certain vendor claims of performance are reliable, consult third-party labs which regularly conduct tests of the latest IT security solutions and provide an efficient and neutral way gain validation.

Low Latency – In the case of network security appliances, latency refers to the delay a device introduces to a network. Real-time financial services applications, such as high-frequency trading and transaction processing are extremely sensitive to latency. Microseconds can translate into billions of dollars gained, or lost. One way to reduce latency is to consolidate security functionality on a single device. Multiple point solutions each with their own device introduce their own latency that soon compounds. However, simply consolidating security functionality on a single device can still introduce delay and increase latency if each security solution has its own engine. Instead, devices that offer a single-pass engine are designed for minimal latency. By sharing processing across multiple security applications (i.e., monitoring and assembling data packets for security processing and inspection) a single-pass engine affords efficient application of multiple security functions (access control, threat detection and inspection, behavior analysis, host profiling, etc.) while maintaining high throughput performance.

When evaluating security technologies that include a single-pass engine and consolidated functionality, for example a Next-Generation Firewall with integrated intrusion prevention capabilities, make sure the technology includes next-generation capabilities through and through. Security technologies that sacrifice protection to achieve lower latency may expose the organisation to risk.

The financial services industry embodies the term “time equals money.” In a sector in which many of the products are commodities, customer experience, confidence, trust, productivity and protection are critical to success. Security technologies that leverage the latest advances in design and engineering to deliver agility, high performance and low latency without compromising protection can mean the difference between profits and problems.

Subscribe to our newsletter

Global Banking and Finance Review

Company