Protecting financial organisations without sacrificing availability and performance

By Martin Mackay, CRO at Versa Networks

Financial services organisations globally are accelerating their digital transformation initiatives with two simple objectives: to differentiate their products and services in the light of ever-increasing competition and to drive out operational cost.

Whilst there are plenty of benefits for customers, employees and businesses, it also creates new challenges for the financial services industry when it comes to cybersecurity resilience.

Threat actors are increasingly exploiting vulnerabilities of the extended digital landscape to compromise critical assets and craft sophisticated attack campaigns. Financial organisations need a solution which can provide digital services without exposing themselves or their customers to dangerous cyber threats.

The ever-expanding threat of IoT

Financial firms operate in a very competitive, highly regulated and high-demand environment. To achieve a competitive edge in this industry, organisations need to increase their outreach and accessibility, and therefore extend their digital footprints. This is where Internet of Things or IoT connectivity comes in.

IoT technology enables banks to furnish their branches with terminals and sensors to provide better customer support and track the performance of equipment like ATMs and smart payment terminals. Insurance firms can also install IoT sensors for services usage-based insurance or pay-as-you-drive policies. What is crucial is that with the deployment of new technology there is no degradation in security posture – the threat actors are waiting just for that opportunity to strike.

IoT rapidly expands the company’s IT estate and therefore its attack surface. Each new connected device represents a potential attack path for threat actors to discover and exploit. In many cases, attackers utilize the vulnerabilities of an IoT device to laterally move across the network to compromise more valuable assets.

With the prevalence of IoT, it becomes challenging for organisations to achieve a comprehensive visibility of their entire IT landscape. Increasing external connectivity means that it’s often difficult to ensure that all devices and systems have up-to-date software, firmware, and patches installed. Therefore, threat actors have more potential vulnerabilities to exploit ,and can discover different attack pathways into the core network.

The constant security risks of remote and hybrid working

Along with tech designed to enhance user experience, the financial sector has also invested heavily in digitalizing working practices. According to recent survey reports, 69% of Financial Services companies are allowing their workforce to work remotely at least once a week. Remote and hybrid working has evidently introduced more flexibility and productivity into the industry, but it has also heightened the security risks for financial firms.

When a large part of a workforce is constantly working outside the perimeter of a secure internal network, it becomes challenging to monitor their digital activities and ensure compliance. Today with the breakdown of the enterprise perimeter, the internet is the network and that creates a whole raft of new challenges. Employees are often using their own devices and externally connecting to the enterprise network using their home broadband, or even unsecured public networks. The lines between home networks and work networks have blurred. This leads to an increased and unmonitored attack surface for threat actors. Attackers can often exploit the vulnerabilities in the unmonitored endpoints and abuse access privileges to carry out sophisticated attacks.

The sophistication of attackers today means that they can identify and compromise interconnected personal devices. There is a vast range of advanced tools across the open and dark web that allow cyber criminals to automatically scan and identify exposed remote devices connected to the Internet. From there, attackers will look for issues like unpatched vulnerabilities or weak security policies that will let them jump into the main IT network. Once this is achieved, they are free to start executing standard attack tactics such as data exfiltration or ransomware deployment.

The security issues of investing in IoT and remote working practices are challenging enough; layering in the global trend to embrace the advantages of 5G technology just exacerbates the problem.

Adding the critical risks of 5G to the mix

To support their ever-expanding digital footprints and facilitate IoT functions, financial firms are becoming increasingly reliant on 5G networks – due to its reliable and high-speed connectivity functions. The next-gen network features of 5G are designed to support enhanced IoT functionality and hyperconnectivity between smart devices. This increased number of interconnected IoT devices provides a greater surface for exploitation attacks such as DDoS (Distributed Denial of Service), remote code execution, SQL injection, and zero-day exploits.

As 5G enables seamless connection and interaction between smart devices, exploiting the vulnerabilities of any IoT device or system can allow attackers to laterally move across the entire network and compromise critical assets. Threat actors can potentially disrupt and overwhelm an entire network through a single external point of compromise.

Financial firms must address the security issues created by larger and more complex networks if they are to protect their customers. Achieving this requires a solution that can manage and secure expanding infrastructure without restricting growth or impacting performance.

Finding a solution through SASE

Balancing security and performance is an on-going challenge. Financial firms cannot risk having an unsecured customer service terminal connected to their network, but complex or rigid security measures will also render the device ineffective and ultimately impact the customer experience. Cost is also an important consideration, especially when a large number of devices are at play. If a company has hundreds of devices, managing each one manually becomes a colossal task.

A new model known as Secure Access Service Edge (SASE) provides an effective solution to these challenges. This approach converges multiple network management and security functions into a single service that can be delivered entirely through the cloud.

SASE is designed to integrate security and network performance, making it easier to perform key functions like monitoring network traffic and restricting access without impacting network speed.

This approach can also be used to deliver network segmentation, creating a barrier between network areas. With segmentation in place, even if an IoT device is compromised, attackers will be blocked from moving into the rest of the network. A cloud-based deployment also means that all devices on the network can receive the same level of security, covering even the largest IoT suites, thus providing security teams with complete visibility of the entire IT estate.

Overall, SASE combines robust security posture with a next-gen network architecture approach that not only embeds granular security but also drives business performance by optimising user experience. By integrating SASE solutions, financial firms can achieve secure, scalable, and reliable enterprise networking; while also ensuring security, segmentation, and visibility across all interconnected assets within the IT estate.

The ability to manage network and security functions through a single management console allows enterprises to better protect their interconnected devices. Armed with this power, financial organisations can increase their multi-cloud application performance, and significantly reduce network management and operations costs.