Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


By: Bill Hogan, Vice President, Strategic Accounts and Global Financial Services, Fortinet

Bill Hogan
Bill Hogan

Data shows that the financial services sector was the most frequently targeted industry in 2016, with attacks increasing 29 percent year-over-year. In light of these attacks, along with increased government regulations, financial services firms are ramping up their security measures. In fact, a recent study shows that 86 percent of financial services firms say they intend to increase time and spend on cybersecurity this year, up from 60 percent last year.

There’s no denying that the increased adoption of financial network security is a positive step forward. Cybersecurity initiatives are focused on keeping malicious actors from gaining access to the network and its data, especially as international hacking groups and hacktivists gain traction. And there are few places where such initiatives are more critical than in the financial sector.

However, as financial services firms continue to harden their evolving network perimeters and focus on keeping bad actors out, they tend to overlook another key attack vector: those people who already have unrestricted access to the network.

The Insider Threat

Seventy-four percent of respondents to a recent survey of global executives and IT leaders say that careless employees are the most likely source of a cyberattack. And while 56 percent of respondents named criminal syndicates as the main source of cyber-attacks, 52 percent also identified malicious employees as a significant risk. Clearly, with IT professionals identifying insider threats to represent nearly as high a risk as professional cyber crime syndicates, perimeter security measures are not enough.

Inadvertent insider threats are often the result of a general lack of security knowledge and neglect, such as employees falling victim to phishing and social engineering attacks. However, they can also come from employees storing or sending sensitive data on insecure applications that IT is not aware of, something that is referred to as Shadow IT. For example, if an employee sends a data set to a personal email address or cloud storage site like Dropbox in order to work on it from home, that data is at higher risk because it is no longer protected within the confines of the secured network.

In addition, malicious attacks are also often initiated by disgruntled employees looking to do damage, by those looking for monetary gain by selling data on the dark web or working as an insider with professional criminals, or by those who are planning to start or move to a competing business. Regardless of the motivation of the attack, what’s most important is detecting when data is being accessed and moved inappropriately, and stopping it.

Mitigating the Risks Posed by Employees

Protecting an organization has become an increasingly difficult task because more and more employees work remotely, and data is moving freely into and across the cloud. Approximately 87 percent of banking institutions employ a hybrid cloud environment, and unfortunately, data visibility significantly drops off once it moves into a cloud environment. To mitigate insider threats, it’s becoming increasingly important to know where data is stored, which data is the most valuable, who has access to it and if that access is business-critical.

Many organizations have adopted the principle of least privilege or zero trust policies, which give employees access to the minimum number of resources needed to do their jobs, while promoting in-depth monitoring of data movement across the network. However, in order to notice discrepancies or unusual data movement, this approach requires the monitoring of all traffic, not just that which crosses the perimeter into the network. And since privileged users have access to the most valuable data, security best practices dictate that these accounts are monitored more closely.

For this same reason, network segmentation is becoming an increasingly important tool for mitigating insider-based threats. In the past, once a user had access to the network, there was little an organization could do to limit their lateral movement or prevent their access to network resources. Which meant that one breach, or worse, one motivated malicious employee with privilege had free reign over the network. However, with new, advanced tools like internal segmentation firewalls, inspection and monitoring can happen deep within the network, access policies can be established and enforced, and data can be isolated and secured separately. As a result, a perimeter breach is not able to infect the entire network, and one motivated employee cannot browse through and steal critical digital resources.

In addition to adopting tools and strategies to promote in-depth internal network security, financial services firms should also ensure that employees are properly trained in cybersecurity best practices and company security protocols. Research shows that 40 percent of employees who use cloud-based apps have never been told how to securely move and store private company data, while another 39 percent have not been informed about the risk of downloading cloud apps without IT’s knowledge. Ensuring that employees are aware of the risks of phishing attacks or moving and storing data off-network can help cut down on those inadvertent breaches caused by insiders that can have devastating financial or public relations ramifications.

Benefits of Data Monitoring Within the Network

Corporate and IT leaders are beginning to understand that security must extend beyond the perimeter in order to limit the risks to sensitive data. In 2016, 200 million financial services records were breached, at a cost of $221 per capita. By establishing clear visibility into the cloud, monitoring all data movement, especially between secured network zones, and keeping employees abreast of the latest security protocols and practices, financial services firms can curb this cost while keeping the personal data of their clients secure.

About the author:

Bill Hogan leads strategic accounts and global financial services at Fortinet, where he is responsible for sales, systems engineering and business development. He formerly served as president of WebHouse, where he enabled customer success through the effective use of IT and business solutions. From 2003 to 2014, Hogan led NetApp’s Americas East and America’s Enterprise Sales and Business Operations. He started his career at EMC where he spent 10 years in various sales and leadership roles. Bill is a father of five and avid philanthropist.