MANAGING THE INSIDER THREAT

Dr. Guy Bunker, CTO, Clearswift

Thirty-nine percent of financial sector businesses said they had been victims of cybercrime, according to PricewaterhouseCoopers’ 2014 Global Economic Crime Survey. This makes this industry the most frequently attacked sector – 39% say they’ve been attacked compared to 17% reported in other industries. Despite the increase in cybercrime, the report also highlights that many banks don’t believe they will fall victim to cybercrime in the near future, showing there is clearly a gap in awareness, especially as the modern finance institution is far more dynamic and interconnected than ever before.

Whilst an array of defences against external threats already exists in the IT security world, most damage comes from within an organisation, with PwC’s Information Security Survey 2015 citing employees as the most likely culprits of a data breach. But it’s not just the malicious insider; it’s generally the ability of innocent, perhaps naive, employees to compromise the security of data, whose value has never been higher.

What threat does an insider pose?

Financial institutions house a tremendous amount of data – with more critical information than organisations realise – and managing this is a huge challenge, which is compounded by the sheer number of complex IT assets that all interact with each other within the network. While it is relatively straightforward to protect a system from the majority of external dangers via basic security hygiene software, the myriad of interconnected IT systems within a bank inevitably leads to technical gaps in the controls, which can lead to misuse of data internally.

The risk of a data breach has also increased as trends such as BYOD and online services have become ubiquitous. This can cause issues in terms of collaborative work, as employees often bypass recommended protocols, which are more controlled, in favour of quick and easy solutions that they use as consumers, Dropbox for example. Although many of these applications have security in place, they are not equipped to the same levels as the internal systems and they do not control the type of files that are passed through the channel, meaning users can share information that they perhaps shouldn’t.

When housing millions of customers’ details, any data that falls through these security gaps can be disastrous, not just because of the potential consequences the leaked information will have, but also in terms of business compliance and the law. In the UK, the Financial Conduct Authority (FCA) has tremendous power to levy significant fines, which not only harm the bottom line but the reputation of the company as well. In November this year, it fined RBS £56 million for inadequate IT systems. It also found that many small financial firms need to manage crime risks more effectively. Clearly there is not just room for improvement, but also a real need to address an increasingly serious situation as businesses can still be penalised even if the leak was accidental.

Balancing security with collaboration

Sharing information and working together is the lifeblood of any organisation. However, humans are humans and things will inevitably go awry. An employee may accidentally send an email with customer data attached to an unsolicited address, which could be a serious breach of policy.

One way to overcome this would be to batten down the hatches, monitor all network traffic and intercept any network activity that could potentially lead to a data breach. However, this isn’t really a solution: it’s not conducive to collaborative working and it’s too prescriptive. Not every email will be blocked for the same reason, and different triggers may need different actions, some to be reported to managers, some simply to be quarantined. This heavily prescriptive approach can hinder as much as it protects.

As such, a more flexible approach is needed: one that can filter out critical information, whilst letting the rest through. This style of adaptive redaction can block sensitive data within an email whilst still allowing it to be sent and will enable businesses to continue to collaborate while ensuring that certain data is not shared with unauthorised parties. This style of technology can be extended to the whole of the working environment, for example to prevent users from copying critical information to USB sticks.

At Clearswift, we’ve worked with financial institutions across the world and one solution is our adaptive redaction technology, which can take emails apart, find the part deemed sensitive, remove it and put everything else back together again.

While it is important for financial organisations to protect themselves from cyber-attacks from the outside world, preventing misuse from within should take equal place in any IT security strategy, as this is where an issue is more likely to arise. Equally, any information security strategy must ensure that it both facilitates collaboration whilst protecting critical information.

Guy Bunker has over 20 years’ experience in the cyber security sector, including being chief security architect at HP and Chief Scientist at Symantec.