Editorial & Advertiser disclosure

Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Technology > SECURING FINANCE AND INSURANCE ORGANISATIONS – WHY THERE’S NO SILVER BULLET

SECURING FINANCE AND INSURANCE ORGANISATIONS – WHY THERE’S NO SILVER BULLET

Published by Gbaf News

Posted on January 31, 2014

11 min read

Last updated: January 22, 2026

Men's skincare products including moisturizers and creams - Global Banking & Finance Review — An overview of men's skincare products, highlighting key items like moisturizers and creams, reflecting the growth of the $13 Bn market by 2029. This image relates to the increasing demand for men's personal care in the finance and banking industry.

Leon Ward, Director, Product Management, Sourcefire

Banks, brokerage firms, and insurance companies are all intent on enhancing customer experience, while ensuring confidence and trust, improving productivity, and protecting private and sensitive information.

Like all organisations, however, the finance and insurance industries are under constant threat from cyber security attacks, which are jeopardising their ability to provide the upmost protection for customers.

Leon Ward

Leon Ward

The primary motivation of these attackers is money; whether targeting it directly via your identity (by accessing internal accounts and applications), or indirectly through ‘downstream fraud’; data exfiltration of transactions. As these industries are seen as high-value targets, they attract significantly more direct and tenacious criminal attention than other sectors.

Attacks can range from bank specific malware, advanced persistent threats, zero-days, targeted attacks, to emerging tactics such as the Man-in-the-Browser attacks, viruses, Trojans, Distributed Denial of Service attacks, worms and phishing. Further, given the nature of the finance and insurance sector – which holds a vast amount of private and sensitive data – the sector faces even greater complexity when protecting information.

In Australia, there are a number of regulations, which provide security guidelines to ensure the protection and integrity of both company and customer. Some of these regulations include:

Payment Card Industry Data Security Standard (PCI-DSS): this provides an actionable framework for developing a robust payment card data security process – including prevention, detection and appropriate reaction to security incidents.
ISO/ IEC 15408: an international standard providing assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use.
Control Objectives for Information and Related Technology (COBIT): a business framework for the governance and management of enterprise IT.
Australian Prudential Regulation Authority (APRA): the prudential regulator of the Australian financial services industry that ensures that that, under all reasonable circumstances, financial promises made by institutions are met within a stable, efficient and competitive financial system.

Even with regulations and compliances in place, however, the sector still continues to fall victim to cyber security attacks. This is not through any fault of its own, but the fact that, unfortunately, there is no silver bullet to security. Even the most security conscious organisations are realising that breaches are no longer a question of ‘if’ nor a question of ‘when’. Now it’s simply a matter of ‘how often the attack happens’. Detection and blocking technologies only address part of the problem at a specific point in time and lack the decisive insight to find, analyse and remediate compromised systems on an ongoing basis.

Outlined below, are five tips to help finance and insurance businesses be better prepared for cyber attacks:

1. Adopt a threat-centric approach to security: Attackers don’t discriminate and will take advantage of any gap in protection to reach their end goal. Rather than relying on disparate ‘silver bullet’ technologies that don’t – and can’t – work together, businesses need solutions that address the extended network. This means protecting endpoints, mobile and virtual environments and sharing intelligence in a continuous fashion that spans the full attack continuum– before, during and after an attack. Look for technologies that go beyond point-in-time detection and blocking to include a continuous capability, always watching and never forgetting, so you can mitigate damage once an attacker gets in.

2. Automate security as much as possible: Manual processes are inadequate to defend against relentless attacks that often employ automated techniques to accelerate and broaden attacks. Businesses need to reduce labour-intensive tasks and streamline security processes. Tools that can intelligently identify and automatically alert only on relevant security events can save security teams hours investigating events that aren’t real threats. In addition, being able to automatically enforce and tune security policies and rules to keep pace with the changing threat landscape and evolving IT environment minimises risk of exposure to the latest threats and vulnerabilities.

3. Leverage retrospective security: Modern threats are able to disguise themselves as safe, pass through defenses unnoticed, remain undetected and later exhibit malicious behaviour. Look for technologies that address this scenario by continuously monitoring files originally deemed “safe” or “unknown” and enabling you to apply retrospective security – the ability to quickly identify scope, track, investigate and remediate if these files are later determined to be malicious.

4. Hone your incident response processes: Security events happen and many organisations don’t have an incident response plan in place. Every organisation should have a designated Incident Response team that is trained to communicate and respond to security events. The team needs to be backed by documented processes and policies. For example, an InfoSec Policy must be put in place to ensure you’re protecting the right data. An Incident Response Runbook with clear step-by-step instructions for the team to follow in the event of an attack, including incident notification and a collaboration call tree, leads to better, swifter and more accurate containment and remediation. Finally, systematic program reviews on a quarterly basis can ensure that your policies, configurations and rules performance are protecting your organisation as needed.

5. Educate users and IT security staff on the latest threats. Educating users so they are wise to these techniques and putting policies in place to restrict user behaviour can go a long way toward preventing these malicious attacks that often rely on relatively simple methods. Organisations must also be committed to keeping their staff highly trained on the current threat landscape. Ongoing professional development with a specific focus on being able to identify an incident, know how to classify it and how to contain and eliminate it will help keep security teams apprised of the latest techniques used by attackers to disguise threats, exfiltrate data and establish beachheads for future attacks.

In a world in which attackers seem to be gaining an advantage, defenders need to fight fire with fire. With the right regulations, compliances and precautions in place, as well as security technologies that enable visibility, automation and intelligence, organisations can help break the attack chain and finally come closer to winning the war against cyber criminals.

Leon Ward, Director, Product Management, Sourcefire

Banks, brokerage firms, and insurance companies are all intent on enhancing customer experience, while ensuring confidence and trust, improving productivity, and protecting private and sensitive information.

Like all organisations, however, the finance and insurance industries are under constant threat from cyber security attacks, which are jeopardising their ability to provide the upmost protection for customers.

Leon Ward

Leon Ward

The primary motivation of these attackers is money; whether targeting it directly via your identity (by accessing internal accounts and applications), or indirectly through ‘downstream fraud’; data exfiltration of transactions. As these industries are seen as high-value targets, they attract significantly more direct and tenacious criminal attention than other sectors.

Attacks can range from bank specific malware, advanced persistent threats, zero-days, targeted attacks, to emerging tactics such as the Man-in-the-Browser attacks, viruses, Trojans, Distributed Denial of Service attacks, worms and phishing. Further, given the nature of the finance and insurance sector – which holds a vast amount of private and sensitive data – the sector faces even greater complexity when protecting information.

In Australia, there are a number of regulations, which provide security guidelines to ensure the protection and integrity of both company and customer. Some of these regulations include:

Payment Card Industry Data Security Standard (PCI-DSS): this provides an actionable framework for developing a robust payment card data security process – including prevention, detection and appropriate reaction to security incidents.
ISO/ IEC 15408: an international standard providing assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use.
Control Objectives for Information and Related Technology (COBIT): a business framework for the governance and management of enterprise IT.
Australian Prudential Regulation Authority (APRA): the prudential regulator of the Australian financial services industry that ensures that that, under all reasonable circumstances, financial promises made by institutions are met within a stable, efficient and competitive financial system.

Even with regulations and compliances in place, however, the sector still continues to fall victim to cyber security attacks. This is not through any fault of its own, but the fact that, unfortunately, there is no silver bullet to security. Even the most security conscious organisations are realising that breaches are no longer a question of ‘if’ nor a question of ‘when’. Now it’s simply a matter of ‘how often the attack happens’. Detection and blocking technologies only address part of the problem at a specific point in time and lack the decisive insight to find, analyse and remediate compromised systems on an ongoing basis.

Outlined below, are five tips to help finance and insurance businesses be better prepared for cyber attacks:

1. Adopt a threat-centric approach to security: Attackers don’t discriminate and will take advantage of any gap in protection to reach their end goal. Rather than relying on disparate ‘silver bullet’ technologies that don’t – and can’t – work together, businesses need solutions that address the extended network. This means protecting endpoints, mobile and virtual environments and sharing intelligence in a continuous fashion that spans the full attack continuum– before, during and after an attack. Look for technologies that go beyond point-in-time detection and blocking to include a continuous capability, always watching and never forgetting, so you can mitigate damage once an attacker gets in.

2. Automate security as much as possible: Manual processes are inadequate to defend against relentless attacks that often employ automated techniques to accelerate and broaden attacks. Businesses need to reduce labour-intensive tasks and streamline security processes. Tools that can intelligently identify and automatically alert only on relevant security events can save security teams hours investigating events that aren’t real threats. In addition, being able to automatically enforce and tune security policies and rules to keep pace with the changing threat landscape and evolving IT environment minimises risk of exposure to the latest threats and vulnerabilities.

3. Leverage retrospective security: Modern threats are able to disguise themselves as safe, pass through defenses unnoticed, remain undetected and later exhibit malicious behaviour. Look for technologies that address this scenario by continuously monitoring files originally deemed “safe” or “unknown” and enabling you to apply retrospective security – the ability to quickly identify scope, track, investigate and remediate if these files are later determined to be malicious.

4. Hone your incident response processes: Security events happen and many organisations don’t have an incident response plan in place. Every organisation should have a designated Incident Response team that is trained to communicate and respond to security events. The team needs to be backed by documented processes and policies. For example, an InfoSec Policy must be put in place to ensure you’re protecting the right data. An Incident Response Runbook with clear step-by-step instructions for the team to follow in the event of an attack, including incident notification and a collaboration call tree, leads to better, swifter and more accurate containment and remediation. Finally, systematic program reviews on a quarterly basis can ensure that your policies, configurations and rules performance are protecting your organisation as needed.

5. Educate users and IT security staff on the latest threats. Educating users so they are wise to these techniques and putting policies in place to restrict user behaviour can go a long way toward preventing these malicious attacks that often rely on relatively simple methods. Organisations must also be committed to keeping their staff highly trained on the current threat landscape. Ongoing professional development with a specific focus on being able to identify an incident, know how to classify it and how to contain and eliminate it will help keep security teams apprised of the latest techniques used by attackers to disguise threats, exfiltrate data and establish beachheads for future attacks.

In a world in which attackers seem to be gaining an advantage, defenders need to fight fire with fire. With the right regulations, compliances and precautions in place, as well as security technologies that enable visibility, automation and intelligence, organisations can help break the attack chain and finally come closer to winning the war against cyber criminals.