Proactive security is required in highly regulated industries

Andrew Kellett, Principal Analyst, Infrastructure and Security

Maintaining security that meets the risk and compliance requirements of the enterprise is a constant challenge. Systems and networks are becoming more open and accessible, but at the same time, threats have become more advanced, persistent, and complex. This is a particularly important issue in highly regulated markets such as financial services, where failure to protect sensitive information will have a negative effect on the business and how it is regarded by customers, trading partners, and regulators.

Keeping business organizations safe is harder than it used to be for several reasons. These mostly relate to the well-worn arguments that malware is becoming more difficult to detect, attack volumes and their intensity are growing, and the effectiveness of traditional security products is in decline. There is a predominant requirement to more actively prepare organizations to deal with security threats, to provide proactive approaches to protection, and to minimize the impact of malware on businesses and their users.

Downtime is more than an operational inconvenience, and cost should be measured beyond financial imperatives

Organizations work hard to ensure that their services are constantly available and that sales and service delivery opportunities are maximized. Everyone understands the commercial sense of 24×7 availability, the value of real-time business interactions, and the operational efficiency that comes from maintaining the highest possible levels of availability. With this in mind, it is difficult to understand why downtime caused by security failures is viewed so differently.

If efforts to keep business systems up and running under all operational circumstances are accepted as being vital to the health of the business, why is it that not enough focus is placed on the need to protect organizations from attacks that can cause significant downtime, customer inconvenience, and reputational damage?

This is particularly the case for the financial services sector, where high-speed financial transactions are processed in massive volumes across the world. Online banking services and real-time trading have a significant impact on the way that organizations do business, and faster payment systems and high-speed requirements for global transactions put pressure on Internet-based systems.

The expectation that these “always available” services will be delivered speedily and safely is a fundamental business issue that will continue to have a significant impact as the access to systems and the range of applications and mobile devices used to transact business continues to grow.

The high-profile nature of financial services business models makes them a prime security target. Cyber-crime is recognized by experts in law enforcement as the third highest priority, sitting just behind terrorism and espionage. This is because cyber-criminals see the online model as an open opportunity to steal, and hacktivists see it as a key prospect for disrupting services and bringing down high-profile, underprotected business operations.

Proactive protection responses are needed

Static security defenses are no longer good enough. Organizations should focus on proactive security initiatives including pre-emptive, knowledge-based protection that uses security intelligence and analytics, and active threat mitigation through software testing.

Knowledge and intelligence-based protection provides value when the information provided is both timely and accurate. Information-gathering, analysis, and reporting tools that categorize and prioritize security intelligence can help security analysts take the right actions against threats at the earliest opportunity.

Testing provides the opportunity to identify vulnerabilities in applications and software systems. These solutions can be particularly good at finding unknown vulnerabilities in software code, which, if they remain undetected, open up the opportunity for malware to be executed. By testing for and gathering information on vulnerabilities, organizations can develop proactive defenses against cyber attacks.

Disruption of business operations from cyber activity is not acceptable

Financial services organizations and other high-profile targets must factor in disruptive cyber activity within their business risk assessments and security-protection programs. Stopping the theft of customer and financial records receives the greatest level of attention from security services because of cost and reputational issues. Nevertheless, failure to detect and deal with the range of disruptive distributed denial of service (DDoS)-styled attacks that are prevalent today can cause millions to be lost within a short period of time. This is particularly the case in high-performance, transaction-processing environments.

Ovum research shows that protecting against DDoS and related attacks is important to the operational health of organizations. Some business and technology experts take the view that these attacks have to be factored in as a cost of doing business and have to be dealt with as such. Putting the right defenses in place is a vital first stage to reducing the cost overheads and enabling attacks to be dealt with while incurring the least amount of inconvenience.

Maintaining service is vital, affirming that protection is about securing business operations and their reputations through continuity of service. To a large extent this is true. However, just as importantly, the high-profile nature of today’s attacks, their ever-increasing intensity, and the way that they are reported has brought the issue to the attention of CEOs and boards of directors, with the resulting demand for proactive security and improved remediation activity.
