By Andy Harcup, Senior Director, Gigamon

The pandemic has fundamentally changed the expectations that executive leaders and their companies have about how and where they work. Restrictions are lifting and organisations are facing up to new challenges as people return to the office. Nevertheless, many are realising that the workplace is not going to snap back to normal, with over a quarter of UK businesses either closing or downsizing their offices as the country embraces hybridity.

IT infrastructures have been stretched, changed and challenged trying to support this truly hybrid workforce, and there isn’t a template or guide to cover security in this kaleidoscopic environment of different technologies, standards and risks. In fact, the new world has opened up businesses to growing levels of cyberattacks. Ransomware is now the biggest online threat to the UK, according to the National Cyber Security Centre, while a Deloitte study found that 47% of individuals fall for phishing scams when working from home.

Historically, the financial services industry has been characterised by silos and legacy platforms, but these are being broken down by the drive towards a more seamless customer experience. Businesses need to have much better visibility of the data traffic passing over the network, as well as what end points are connected and what security risks have been exposed. Each enterprise – and its executive board – needs to apply security policies consistently across different countries and across a mix of environments: virtualised, cloud, on-premises or at home.

Network visibility to drive security and optimisation

To manage the ongoing challenges financial services firms are facing, they must modernise their IT and security processes while optimising costs during this economically challenging time. The key to achieving this is by enhancing infrastructure visibility. A clear, unobscured view of on-prem, cloud and hybrid environments is crucial to ensure applications, traffic and users are all being monitored effectively to prevent and thwart attacks. The bottom line is that the corporate networks of financial services firms are fed by different types and generations of systems and devices, which must all be monitored as one.

Full visibility is a valuable asset when looking to improve efficiency and speed of network tools, which will be a key goal as businesses strive to make the most of what they’ve got and battle reduced budgets. Enterprises around the world have been forced to do more with less since the start of the pandemic, whether with a reduced workforce or a smaller budget. Streamlining processes and enhancing solutions has become essential, and without total visibility into data in motion, it becomes almost impossible for IT infrastructure to run efficiently and safely. Digital transformation for financial services is now non-negotiable – especially with an estimated 71% of global customers opting to use digital banking channels weekly. At the same time, any new investments have to add serious value to the business and enable them to embrace shifting workforce expectations. For a business leader in the financial services industry, it is important to weigh up technical priorities with budget constraints and analyse the measurable ROI before jumping into any decisions. By optimising current tooling for a clearer view into data, rather than making a hefty investment into a whole new infrastructure, costs can be kept to a minimum while network efficiency increases.

Zero trust: A must for financial firms

With observability into all data in motion on the network, security teams will be able to better prepare for a cyberattack. For example, identifying when a DDoS attack is looming by analysing network traffic and securing the network proactively rather than reactively. Visibility is also central to enabling a Zero Trust security architecture, something financial organisations should be considering as the network perimeter expands and blurs and hybrid working becomes the norm. By eradicating implicit trust, the Zero Trust architecture scrutinises asset behaviour and only grants access based on that behaviour, rather than on pre-existing credentials that could have been compromised.

The drawback is that Zero Trust has typically been associated with more negative connotations, as it implies that no one can be trusted, even valued employees. It is not only a culture shock, but can also be viewed as a hamper on productivity. While opinions around this approach to cybersecurity are now shifting (the latest report from Gigamon report found that 76% of IT decision-makers agree it is a good decision to implement a Zero Trust architecture), it is important that the leadership team at financial services firms understand the impact of transitioning to Zero Trust. Just as with the digital transformation initiative of moving to the cloud or implementing tools to support network visibility, internal communication about a move to Zero Trust is key to making sure changes come to fruition without un-anticipated hurdles. If employees are informed of shifts in digitisation and cybersecurity strategy, mistakes can be more easily avoided and expectations better managed. Zero Trust can reap numerous benefits for the financial sector, but it requires a team effort to make it possible.

Networks have been turned inside out over the past year, meaning security and efficiency challenges have been rife. As businesses emerge out of the other side of this chaos, it’s crucial they make the right investments where it truly matters; optimising today will secure better business success tomorrow. By ensuring complete visibility of all traffic on their network, financial services firms can not only improve security – which is crucial for firms dealing with valuable data – but they can drive tool improvements, cost savings and greater efficiencies so that the hybrid workforce is both functional and lucrative.