
Cyber-Attacks Top of Banks’ Concerns

By Leon Ward, Director of Product Management, Sourcefire

Earlier this month the Bank of England’s Andrew Haldane revealed that four of the six top UK banks have listed cyber-attacks as their number one concern. In addition, for the first time, one of the top US banking regulators has named cyber-threats as a major factor heightening banks’ operational risk. Banking security experts say this is a sign that greater regulatory scrutiny will come.

For any organisation a breach in security is a major issue. But for banks in particular, where consumer confidence is of paramount importance, a brand may suffer such irreparable damage that there could be no going back. Just last month, cyber criminals remodeled an old virus called Zeus and used it to obtain banking credentials and hack into bank accounts; it managed to steal $70 million.

From whichever vantage point you view it, the cyber-security landscape has changed. It is now about preparing for the worst and mitigating the risk to protect critical data and infrastructures. When it comes to IT security, there is no silver bullet. It’s a fact that for many banks it’s not “if” but “when” a breach will happen. They should start by asking themselves “what would I do differently if I knew I was going to be compromised?” and then build their security strategy to address this scenario. Furthermore, banks shouldn’t obsess over “who” is attacking them from “where”, but keep focused on the threats themselves along with their effective remediation. This way they can better protect themselves when the inevitable happens.

One challenge for banks is that information security has traditionally been the remit of the IT department alone, with little executive or board level engagement. This has to change. Banks must challenge their traditional approach to information security by ensuring that cybercrime is on the corporate risk management agenda at the same level as credit and market risks. Only by giving it this level of priority will information security be effective across the whole organisation.

The key issue for IT security defenders, whether working for a bank, a retail organisation or a utility company, is that today’s hackers have become increasingly sophisticated and their attacks are ever more innovative. The good news, though, is that the technology and processes exist to effectively protect today’s increasingly complex IT environments against sophisticated attacks. Here are a few pointers:

Shore up your defences – Any advanced malware response strategy must start with detection and blocking. In order to have effective detection and blocking, without a lot of “noise,” you need a baseline of information about what’s on your network in order to defend it – devices, operating systems, services, applications, users, content and potential vulnerabilities. Malware detection, the ability to identify files as malware at the point of entry and remediate accordingly, combined with implementing access control over applications and users, is also important. Not only do these measures help you to take steps to reduce the surface area of attack, but with the right informational context, detection may also indicate that your organization is in the bull’s-eye of a targeted attack.

Identifying the Target(s) – The best threat detection and blocking only goes so far. When an attack does happen you need to be able to identify ‘Patient Zero’, the malware origination point. From there, visibility into which systems are affected, the application that introduced the malware and the files that are causing it to spread enables you to address the infection at the root and avoid re-infection.

Enemy Reconnaissance – When an attacker successfully circumvents traditional security technologies, your incident response plan kicks in. At that point, chances are you’re in firefighter mode with neither the time nor a PhD in forensics to delve into volumes of data and sophisticated analytics. Use of Big Data analytics to identify fundamental behavioral characteristics of the malware will help you to quickly understand the threat. Visibility into how the malware affects other files it has either interacted with or dropped on the system is also essential.

Gaining the Upper Hand – With greater visibility and better protection, you can start to gain control and remediate. Detection and blocking combined with identifying affected systems ensures you start from a position of strength, eradicating the malware so you don’t lose ground. Updating protections based on the latest threat intelligence as well as constraining and eliminating attack vectors with application control enables you to further reduce risk. Understanding file behaviour and its path can help you minimize the impact of an attack and recover.

Effective advanced malware response requires visibility and control across the entire IT environment and along the full threat lifecycle, to not only identify and stop the spread of malware but also minimize the risk of reinfection. With the ability to detect and eradicate malware quickly and effectively you can be confident your security and incident response strategy is up to today’s challenge.