By Michael Callahan, VP of FireMon
Can the Finance Sector Counter and Manage the Alarming Gap Between Security and Technology?
As the world of IT security has developed, so too have the issues plaguing the enterprises that have adopted advanced security strategies. For years, experts have been trying to resolve a security deficit with a slew of technologies that has now exploded out of control. Almost unknowingly, gaps have formed within cybersecurity protection and infrastructure across various industries. One industry in particular is likely to suffer the most, given the sensitive nature of the infrastructure and data it needs to protect from cyber attackers – the banking sector.
As banking transitions to online, mobile and on the go, the security infrastructure to support it has also multiplied – and that means more investment in security technology in an attempt to ward off cyber threats. We are now seeing a trend where there are too few security personnel to monitor and manage the snowballing number of technologies and security risks.
The Big Issues
Financial enterprises have been taking a more traditional route to achieving a more secure infrastructure by investing more in security technology to try to alleviate the tremendous pressure security teams face, but that has not solved the situation. It has become impossible to keep up with the millions of rules or potentially thousands of devices – from firewalls to routers and switches – within financial organisations. This is largely due to the shortage of resources. The low staff count, combined with the increase in technology, has led to an imbalance that makes it impossible to manage security effectively.
Exploiting the infrastructure of financial institutions has become the go-to sport for cyber aggressors, with breaches becoming frequent news. Network security systems have become overwhelmingly complex for SMBs and large enterprises because they are being insecurely integrated, making it difficult for enterprises to allocate adequate security funding to precise flaws.
A serious issue that hampered many banks in 2016 was distributed denial-of-service (DDoS) attacks. In fact, it was found that over one in four banks around the world were attacked via DDoS, with the cost of damage estimated to be over $1 billion. Combine that with the evolution of IoT, and you have the perfect recipe for disaster. ForeScout Technologies reported that the average business must deal with 7,000 IoT devices in the next 18 months, with smaller businesses potentially having more. Frustratingly, attackers have clocked on.
So, where are the IT professionals to prevent this?
With a global shortage of qualified security professionals, the financial sector is among the industries struggling to find skilled staff to operate their complex defence systems, which have been implemented for the sake of compliance rather than security, leaving them exposed. Recent stats also make for frightening reading. A study conducted by Forrester Consulting in 2016 found 80% of businesses are vulnerable to cyber attack, with 32% of European businesses stating it’s difficult to find qualified IT security personnel, per research from Frost & Sullivan. A further 75% of organisations lacked sufficient cybersecurity expertise, according to a Tripwire study. As if enterprises did not have enough to worry about, the latest analysis from the Cost of a Data Breach report, published by Ponemon Institute, estimates the average cost of a data breach to now be $4 million, meaning businesses can no longer afford to be lackadaisical and neglect to enforce appropriate security measures.
In addition, companies are suffering from ‘alert fatigue’, with studies published by EMA and International Data Corporation claiming 92% of companies were getting up to 500 alerts a day with 88% being critical. In other words, threat detection has improved, but the sheer number of alerts means that security professionals have become complacent.
Intelligent Security Management
To reduce the Complexity Gap, a new approach is needed that allows security teams to better manage all their investments in security, from firewalls to routers and switches. A new trend within the industry sees management technology, acting as a ‘workforce multiplier’, as the way forward.
The attraction of management technology is that it fixes some of the key issues that created the Complexity Gap by using automation and analysis that human resources cannot provide. These tools have been designed to help organisations such as financial institutions, each with their own policies, frameworks and compliance requirements, to automate tasks. Some decrease the time needed for cyber security investigations. Others enhance project management by decreasing the time needed for security audits and facilitating better use of the security already in place within financial enterprises. This allows for better optimisation of the technology in use, uncovering the needles in the haystack by contextualising and rationalising the security information so that focus can be directed to the bigger security issues.
Adopting this kind of approach may well be the answer in helping restore balance and close the Complexity Gap. It is ideal for delivering a rapid response, automating security policy configuration in line with laid-down compliance practices and improving the organisation’s security posture. It also dramatically reduces operational expense through detailed analysis and risk simulation, removing the very time-consuming aspects of security management so that people can focus on higher-value areas.
Nevertheless, the problem will get worse before it improves. With industries adopting more devices and looking to automation, and with no immediate response to the cyber security skill shortage, the Complexity Gap is likely to widen. Thankfully, there are solutions to the problem. For the banks, numerous C-level execs have identified cyber-threats as their top concern; the question is whether the sector is quick enough to act, and to make better, more intelligent security device management a priority, before it’s too late.