Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

THE IT SECURITY COMPLEXITY GAP AND ITS CRIPPLING EFFECTS ON FINANCIAL INSTITUTIONS
THE IT SECURITY COMPLEXITY GAP AND ITS CRIPPLING EFFECTS ON FINANCIAL INSTITUTIONS

Published : , on

By Michael Callahan, VP of FireMon 

Can the Finance Sector Counter and Manage the Alarming Gap Between Security and Technology? 

As the world of IT security has developed, so too have the issues plaguing the enterprises that have adopted advanced security strategies. For years, experts have been trying to resolve a security deficit with a slew of technologies that it has now exploded out of control. Almost unknowingly, gaps have formed within cybersecurity protection and infrastructure across various industries. One industry in particular is likely to suffer the most, given the sensitive nature of its infrastructure and data it needs to protect from cyber attackers – the banking sector.

As banking transitions to online, mobile and on the go, the security infrastructure to support it has also multiplied – and that means more investment in security technology in an attempt to ward off cyber threats. We are now seeing a trend where there are too few security personnel to monitor and manage the snowballing number of technologies and security risks.

The Big Issues

Financial enterprises have been taking a more traditional route to achieving a securer infrastructure by investing more in security technology to try and alleviate the tremendous pressure security teams face, but that has not solved the situation. It has become impossible to keep up with the millions of rules or potentially thousands of devices – from firewalls to routers and switches – within financial organisations. This is largely due to the shortage of resources. The low staff count plus the increase in technology has led to an imbalance that results in the inability to manage security effectively.

Exploiting the infrastructure of financial institutions has become the go-to-sport for cyber aggressors with breaches becoming frequent news. The network security systems have become overwhelmingly complex for SMBs and large enterprises as they are being insecurely integrated, making it difficult for enterprises to allocate adequate security funding to precise flaws.

A serious issue in 2016 that hampered many banks was distributed denial-of-service (DDoS) attacks. In fact, it was found that over one in four banks around the world were attacked via DDoS with the cost of damage estimated to be over $1 billion. Combine that with the evolution of IoT, and you have the perfect recipe for disaster. ForeScout Technologies reported that the average business must deal with 7,000 IoT devices in the next 18 months with smaller businesses potentially having more. Frustratingly, attackers have clocked on.

So, where are the IT professionals to prevent this?

With a global shortage of qualified security professionals, the financial sector is among the industries struggling to find skilled staff to operate their complex defence systems which have been implemented out of compliance rather than security, leaving them exposed. Recent stats also make for a frightening read. A study conducted by Forrester Consulting in 2016 found 80% of businesses are vulnerable to cyber attack with 32% of European businesses stating it’s difficult to find qualified IT security personnel, per research from Frost & Sullivan. A further 75% of organisations lacked sufficient cybersecurity expertise according to a Tripwire study and if enterprises had enough to worry about, the latest analysis from the Cost of a Data Breach report, published by Ponemon Institute, estimates the average cost of a data breach to now be $4 million, meaning businesses can no longer afford to be lackadaisical and neglect to enforce appropriate security measures.

In addition, companies are suffering from ‘alert fatigue’ with studies published by EMA and International Data Corporation claiming 92% of companies were getting up to 500 alerts a day with 88% being critical. In other words, threat detection has improved, but the number of alerts means that security professionals have become complacent as a result.

Intelligent Security Management

To rectify the Complexity Gap and reduce it, a new approach is needed that allows security teams to better manage all their investments in security, from firewalls to routers and switches. A new trend within the industry has seen management technology as a ‘workforce multiplier’ being the light going forward.

The attraction to using management technology is that it fixes some of the key issues that created the Complexity Gap by using automation and analysis that human resources cannot provide. These tools have been designed to aid organisations, like financial institutions, with their own policies, frameworks and compliance requirements to automate tasks. Some decrease time needed for cyber security investigations. Others enhance project management by decreasing time needed for security audits and facilitating better use of security already in place within monetary enterprises. This allows for better optimisation of the technology in use, uncovering the needles in the haystack by contextualising the security information as well as rationalising the information so that focus can be directed to the bigger security issues.

Adopting this kind of approach may well be the answer in helping restore balance and close the Complexity Gap. It is ideal for delivering a rapid response for automating security policy configuration in line with laid down compliance practises and improving the organisation’s security posture.  It also dramatically reduces the operational expense through detailed analysis and risk simulation so that people can focus on areas that are higher value and remove the very time consuming aspects of security management.

Nevertheless, the problem will get worse before it improves. With industries adopting more devices and looking to automation, and with no immediate response to the cyber security skill shortage, the Complexity Gap is likely to widen. Thankfully, there are solutions to the problem. For the banks, numerous C-level execs have identified cyber-threats as their top concern, it is just whether the sector is quick enough to act before it’s too late and make better, more intelligent security device management a priority.

Uma Rajagopal has been managing the posting of content for multiple platforms since 2021, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune. Her role ensures that content is published accurately and efficiently across these diverse publications.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post