Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

TOP TAKEAWAYS FOR SECURITY IN FINANCIAL SERVICES
1418 business

Published : , on

Sharat Sinha, Vice President, Asia Pacific, Palo Alto Networks

A recent spate of high profile hacking incidents targeted at financial institutions across Asia Pacific has put the spotlight back on data security and the need to be diligent about cyber security more than ever.

Data breaches against Standard Chartered’s customer data and phishing websites designed to steal PINs and One-Time-Passwords (OTPs) from POSB customers have made it increasingly important for financial and banking institutions to re-examine the way they are protecting their data and customers.

Sharat Sinha

Sharat Sinha

Palo Alto Networks recently participated in the FS-ISAC summit held in Florida, where the topic of cybersecurity formed the basis of much of the discussion. Cybercrime is a very global problem, and an issue that is becoming more sophisticated as cybercriminals strive to find new and improved ways to access enterprise networks.

It was widely acknowledged during the summit that financial institutions will always be a prime target for cybercriminals. However, there is a lot that can and should be done to protect against such attacks.

A number of key learnings for financial institutions emerged from discussions during the summit, including:

  1. Segmentation

    More needs to be done on segmentation across organisations and their IT infrastructure. This is a broad topic that involves employees, contractors, data centres, endpoints, computing infrastructure and more. It includes better segmentation of facilities, branches, remote offices or business partners located in high-risk geographies or conducting business with high-risk geographies. Of particular importance is the sharing of best practices to protect facilities and groups in high-risk geographies as well as a need for clear segmentation of assets, systems and data based on their risk level and access control of users and applications.

  1. IT Costs vs. Tighter Security

Organisations must be proactive when it comes to the growing dilemma between controlling IT costs versus the imperative to tighten security.  This is especially important around technology initiatives such as:

  • Mobile computing. As part of a device refresh cycle, many financial organisations are in the process of retiring their portfolio of Blackberry devices that were provided years ago to employees with the goal to improve work flexibility and productivity. Old devices are now replaced by a full BYOD model with employees allowed to use their chosen devices to connect to their enterprise network. It is highly recommended that IT departments to proactively deploy solutions that will force all traffic coming from mobile devices to go through security checks similar and even tighter than other network traffic.
  • SaaS applications and cloud computing. Along the same lines as the above, the use of SaaS is a fairly logical way to reduce costs for applications that are not core to your business and for which you might not want to keep critical expertise in-house.
  1. Better network segmentation

Organisations are living under a constant state of compromise. This topic is one of greater concern. We keep hearing that threats are more often coming from the inside of an organization, making obsolete any security strategy based only on perimeter protection. Network segmentation helps significantly by blocking attacks from propagating from one zone of your network to another. Next-generation firewall will directly contribute to a stronger overall security platform, starting with the endpoint and detecting attacks there as well as detecting when threats are attempting lateral moves within networks.

  1. Importance of sharing threat information

Finally, there’s broad acknowledgement that threat information sharing is critical to raise the bar for the bad guys. It’s ironic but in many ways it feels like the bad guys are better organised as a community compared to the enterprises that need to protect themselves. I have not heard one objection against the need for the private sector to collaborate though communities like the Association of Financial Advisers (AFA) and the Association of Banks (ABS) in Singapore, to share threat intelligence more systematically. With Palo Alto Networks, we share all findings across all our customers as soon as new malware is detected, but we also continue to hear about the high value of information sharing with a specific industry sector, such as finance.

To conclude, the threat landscape across the region and the world continues to evolve and change, however financial institutions will always be a prime target for cybercrime. These institutions have a responsibility to protect their customers, making it imperative for organisations and their employees to understand the vulnerabilities that exist in the network. On a top level, it is also vital for enterprises, governments and standard organisations to collaborate and leverage expertise to adapt and overcome the sophisticated, multifaceted security threats faced by the ecosystem of information security.

 

Uma Rajagopal has been managing the posting of content for multiple platforms since 2021, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune. Her role ensures that content is published accurately and efficiently across these diverse publications.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post