Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Business

As hybrid work becomes a permanent reality, security measures must evolve

storyblocks latina woman working from home on her computer H3rsM0oYw - Global Banking | Finance

Three keys to overcoming hybrid work cybersecurity risks

By Alastair Williams, Director, Solutions Engineering EMEA, Skybox Security

Global banks are announcing plans for hybrid working models, embracing changes forced by the last year. Workers are returning to offices as regional pandemic-related restrictions lift, with leading financial organisations such as Lloyds, J.P. Morgan, HSBC, and Goldman Sachs announcing they will continue to permit remote work post-pandemic.

Embracing hybrid work means security strategies must also evolve. The flexibility offered by remote work policies seems to satisfy employees and offer productivity benefits. Inadvertently, hybrid workers also create new security weaknesses. According to research from Skybox Security, even before banks committed to hybrid work as a permanent fixture, 68% of banking and financial executives were concerned their distributed workforce introduced new vulnerabilities.

Despite over a year of remote working and well-publicised surges in security breaches, a worrying 42% of UK financial services and law firms still say their cyber threat visibility and detection systems are inadequately equipped to manage remote employees. Legacy technology and broken processes have been identified as key security posture management issues.

Prevent risky business

Cybersecurity teams weren’t that surprised by the challenges introduced during the rush to adopt remote work models. Security weaknesses existed before the pandemic, but many organisations were ignoring the canaries in their coal mines.

Now, financial entities simply cannot afford to deprioritise security. The attack surface has become too large to patrol using the classic and outdated “detect-and-respond” strategy to cybersecurity. At the same time, a deepening skills crisis means that financial organisations most likely lack enough human resources to properly secure the quickly evolving threat landscape.

Leaders must prepare for the industry’s next normal. Change has become imperative between upticks in cloud services, threats, and pressures to avoid both regulatory fines and mass customer data compromises. Only a shift in how organisations manage their attack surface will keep them from becoming honeypots for cybercriminals, who are increasingly leveraging sophisticated, multi-stage attacks to hold organisations to ransom.

Embrace change now to achieve business resiliency

Preparing for the unexpected is easier said than done. Here are three key strategies to illuminate a new path forward for proactive security posture management:

  • Achieve comprehensive visibility by building a hybrid network model. Fully modelling the enterprise environment identifies security weaknesses before they attract threat actors. A complete and detailed picture of the attack surface empowers security teams to seek out exposed vulnerabilities in highly complex environments (rather than responding to breaches after the fact). There is clearly a lot of work to be done here: Research revealed that only 11% of organisations could confidently maintain a holistic view of their attack surface.
  • Remediate vulnerabilities exploited in the wild based on exposure, not theoretical guesswork. Banks can adopt emerging capabilities to discover all vulnerabilities across disparate environments. This data then enables security teams to focus remediation on the most critical exposed risks that are exploited in the wild – instead of targeting abstract “high-severity” threats that may not actually be a risk because adequate security controls are already in place.
  • Advance beyond point solutions to modern, scalable solutions. The explosion of cloud computing has dissolved traditional walls between networks and made the cybersecurity ecosystem vastly more complex. As a result, many major banks today utilize upwards of 100 unique security tools. To overcome this increasing complexity, financial organisations must start adopting vendor-agnostic solutions that can freely exchange data across IT, hybrid cloud, and critical infrastructure. What’s needed is an open ecosystem that enables security teams to maximize the tools they already have in place.

Despite the pandemic and its economic impacts, most banks and other financial organisations have committed to increasing cybersecurity budgets year-over-year. Historically, security weaknesses have been addressed reactively. Instead of spending expanded budgets on detection-focused threat hunting tools, leaders must adopt proactive strategies to manage new risks and avoid adding more point solutions to their already complex security stacks.

The financial sector is expected to face a continuous increase in new vulnerabilities, so now is the time to overcome the industry’s most enduring cybersecurity challenges. With a proactive security posture management strategy in place, financial organisations will ultimately increase the real-world business value of their cybersecurity budgets.

———-

Alastair Williams is director of solutions engineering for the EMEA region at Skybox Security. Fortune 1000 companies and many of the largest banks in the world turn to Skybox to proactively secure their complex hybrid environments and reduce exposure to cyberattacks.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post