Detecting network security breaches for financial institutions


By Mark Towler, Senior Product Marketing Manager at Progress

The financial services industry is most acutely at risk from cybercrime: according to Forbes, 35% of all data breaches impact the financial services industry. The economy relies on the finance industry, which now depends on technology. Financial data is valuable and enticing, and the complexity of financial IT systems, with so many connections, creates a vast attack surface. Cybersecurity has become a priority tech investment to secure assets, and effective network monitoring is critical.

Security breaches are a common and expensive problem for banks and other financial organisations. A Vanson Bourne survey of 100 UK financial services decision makers illustrates that cyberattacks are becoming more prevalent, reporting that 70% were hit by a security incident within twelve months. On top of that, an Accenture study found that the average annualised cost associated with data breaches for financial services companies globally has increased to $18.5 million.

When it comes to the banking sector, there are specific risks and vulnerabilities within the customer journey and within mobile banking apps. ImmuniWeb studied external web applications, APIs and mobile applications of the S&P Global list (the world’s largest financial organisations across 22 countries). ImmuniWeb found that 91% of mobile banking apps contain at least one medium-risk security vulnerability. Key security risks also lie within the business, as Vanson Bourne reported that most incidents stemmed “from employees failing to follow security protocol or data protection policies.”

Let’s look first at the main security and compliance pain points, starting with compliance. Being cavalier in taking care of data has multiple knock-on effects for organisations, such as compliance violations, regulatory violations, and significant fines. Identities and authentication can also cause huge concern, as financial institutions need to ensure secure, credential-based access to data and employees while shielding their entire tech ecosystem. Bad news travels fast in our digital era. A security story about customer privacy breaches can be reputation-damaging, costing organisations immeasurable time in reputational repair.

How does network monitoring solve security and compliance pain points?

The financial services industry is particularly hot on compliance documentation and record-keeping. Continual network monitoring can collect and analyse vital data points and report any suspicious activity to the IT team, thus averting a breach. Compliance requires effective reporting, particularly on information relating to a security incident, and network monitoring can provide analysis of archived logs that explain what happened.

Accessing an internal IT system is every financial hacker’s dream. A robust network monitoring solution will show all the network elements as well as configurations and access permissions – and alert IT if any of them are changed. It is vital to maximise security and protect all assets with a strong two-step authentication process.

To address this, the most sophisticated network monitoring tools allow the set-up of notifications and alerts for changes to the configurations of network devices, as well as the ability to audit configurations against defined policies. With so many solutions available it’s hard to know where to start, but it’s important to choose a tool which has the following key features:

How to choose the best network monitoring tool

  •   Choose a solution featuring a robust alerting system that immediately flags any concerning activity. The ability to receive actionable alerts and network reports is critical. Alerts should be easily customizable and delivered via a variety of channels (e.g., web, email, SMS/text, Slack, MS Teams, pager).
  •   Equally vital is a tool which provides complete visibility into the status of network devices, systems, applications, servers, virtual machines, cloud and wireless environments, all in context. Clicking on any device should give immediate access to a wealth of related network monitoring settings and reports. It’s all about seeing what is connected to get immediate resolutions to queries.
  •   You’ll need detailed visibility into your network traffic to see which users, applications, and devices are consuming the most bandwidth. By setting up bandwidth usage policies, you can view usage trends; any unusual usage could point to a security issue.
  •   Avoid the negative consequences of accidental or malicious network device configuration changes. Choose a tool with configuration management capabilities that lets you trigger a notification whenever a configuration changes. Being able to set up an action policy in the alert centre is invaluable. This can automate a backup, add and remove users, or update firmware.
  •   The most sophisticated network monitoring tools allow set-up of email notifications and alerts for changes to the configuration of network devices, and audit configuration against defined policies. Users should be able to view and compare device configurations in the device properties page and automate network device configuration backups for any device in case configurations are lost.
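
The configuration-change alert and policy audit described in the last two points can be sketched as follows. This is an added example, not code from the article or from any vendor's product; the device configurations, the `POLICY` rules and the function names are constructed for illustration.

```python
import difflib

# Constructed sample configurations, not taken from any real device.
BASELINE = """\
hostname edge-fw-01
ip ssh version 2
no ip http server
logging host 192.0.2.10
snmp-server community example-ro RO
"""
CURRENT = """\
hostname edge-fw-01
ip ssh version 2
ip http server
logging host 192.0.2.10
snmp-server community public RW
"""
# Hypothetical policy: exact lines that must exist, line prefixes that must not.
POLICY = {
    "required": ["ip ssh version 2", "no ip http server", "logging host 192.0.2.10"],
    "forbidden": ["ip http server", "snmp-server community public"],
}

def config_changes(baseline, current):
    """Return (removed, added) lines between the backup and the running config."""
    diff = list(difflib.ndiff(baseline.splitlines(), current.splitlines()))
    removed = [line[2:] for line in diff if line.startswith("- ")]
    added = [line[2:] for line in diff if line.startswith("+ ")]
    return removed, added

def audit(config, policy):
    """Return policy findings for one configuration; an empty list means compliant."""
    lines = [line.strip() for line in config.splitlines() if line.strip()]
    findings = [f"missing required line: {req}" for req in policy["required"] if req not in lines]
    for line in lines:
        findings += [f"forbidden setting: {line}" for bad in policy["forbidden"] if line.startswith(bad)]
    return findings

def review(baseline, current, policy):
    """Build the notification a change alert would carry; None when nothing changed."""
    removed, added = config_changes(baseline, current)
    if not removed and not added:
        return None
    return {"removed": removed, "added": added, "findings": audit(current, policy)}

if __name__ == "__main__":
    print(review(BASELINE, CURRENT, POLICY))
```

Pairing the diff with the audit lets the alert say both what changed and which change breaks policy, so a routine edit and a weakened management interface are not reported the same way.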

The common mistake of alert overload

There are some alarmingly common mistakes that financial services companies are making, which can overwhelm IT and could be dealt with more simply by having the right network monitoring in place. Typical IT alerting tools installed by banks can overwhelm IT, with Ovum research of banks finding that 73% have at least 25 separate security tools. Ovum found that 40% of banks receive an average of 160,000 mistaken or irrelevant alerts every day.

We’d recommend making sure alerts only go out when someone has to log in and do something. If you are sending out an email from the monitoring system and no one has to log in and do something, you are spamming them and should reconfigure the system. Note that particularly sophisticated network monitoring solutions can not only identify device dependencies to reduce alert storms but can also implement self-healing actions (like restarting a device) that can resolve network issues without IT intervention.
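
Dependency-aware suppression, as described above, can be sketched like this. This is an added example, not code from the article or from any monitoring product; the topology, device names and function names are constructed, and it assumes each device has a single upstream dependency.

```python
# Constructed topology: each device maps to the upstream device it depends on.
DEPENDS_ON = {
    "core-sw-1": None,
    "hq-fw-1": "core-sw-1",
    "branch-rtr-1": "core-sw-1",
    "branch-sw-1": "branch-rtr-1",
    "atm-gw-1": "branch-sw-1",
    "atm-gw-2": "branch-sw-1",
}

def upstream_chain(device, depends_on):
    """Yield every device between `device` and the root, nearest first."""
    seen = {device}
    parent = depends_on.get(device)
    while parent is not None and parent not in seen:  # guard against dependency loops
        seen.add(parent)
        yield parent
        parent = depends_on.get(parent)

def triage(down, depends_on):
    """Split failed polls into root causes (notify someone) and suppressed alerts.

    A device behind a failed upstream device is unreachable rather than known
    to be broken, so its alert is attributed to the topmost failed upstream
    device instead of being sent on its own.
    """
    down = set(down)
    actionable, suppressed = [], {}
    for device in sorted(down):
        failed_upstream = [u for u in upstream_chain(device, depends_on) if u in down]
        if failed_upstream:
            suppressed[device] = failed_upstream[-1]  # farthest upstream failure
        else:
            actionable.append(device)
    return actionable, suppressed

if __name__ == "__main__":
    # Constructed poll result: one branch router fails and takes its subtree with it.
    failed = ["branch-rtr-1", "branch-sw-1", "atm-gw-1", "atm-gw-2", "hq-fw-1"]
    notify, quiet = triage(failed, DEPENDS_ON)
    print("notify:", notify)
    print("suppressed:", quiet)
```

Five failed polls become two notifications, each naming a device someone actually has to log in to and fix.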
