The rise in popularity of the Internet of Things (IoT) and a consumer desire to access valuable data on various devices has led to network security becoming increasingly complicated for financial services providers.

As financial institutions transition their network security strategies to meet these consumer demands and grant greater individual access to their networks, they must also be conscious of the ever-evolving threat landscape. The cyberattacks of today are constantly becoming more sophisticated in order to outwit traditional network security measures. In addition, increased access to the network by IoT devices (such as mobile phones, and tablets) has resulted in an increase of possible attack vectors. As such, the need for evolved network security is further emphasised by the attention it has garnered from government regulators, who are shining a spotlight on compliance and security at financial institutions of all sizes.

The Challenge

Strong network security revolves around two key factors: speed and service. Network experience is typically judged by how quickly bits of information get from point A to point B, and how quickly applications are able to respond to queries. In finance in particular, rapid communication and effective security is vital, and neither can come at the expense of the other. Furthermore, consumers have come to expect access and the ability to edit information stored within the network through the web. This ability is integral to staying competitive, with more than 60 per cent of financial institutions currently developing cloud strategies as a result.

Network security strategies are having to change and adapt to meet this increase in demand for real-time, on-demand services. Data must now be more secure, travel faster, and be more readily available across devices, all of this in spite of being constantly under attack from sophisticated threats.

Looking ahead, financial services firms will be forced to respond to new attack vectors that threaten their core functions. And as these trends persist, robust network security strategies need to evolve to include the following tactics:

Detection

In order to adapt to meet these new challenges requires moving away from the traditional tactic of simply focusing your security efforts at your network perimeter whats required is something much more comprehensive. As todays perimeters are become more dynamic and increasingly temporary, rendering edge-based protection less and less relevant. Whats more, security professionals have come to understand that it is simply impossible to stop every attack. The reality is, an organisation will be breached, and security needs to be designed with this in mind.

Effective security strategies have had to transition from simply relying on intrusion protection to intrusion detection as well. Intrusion detection systems operate on the assumption that an attack will breach network perimeter defences. They are able to scan the network for abnormal behaviour in order to detect live attacks that have evaded the perimeter in order to reduce the time security teams are kept in the dark, because the longer an intruder or malware resides undetected within the network, the higher the probability it will be able to find and steal valuable information. The goal is to detect and mitigate the threat before data loss occurs.

This expansion from perimeter-based protection to include security measures at network segmentation demarcation points, deep in the core of the network marks, and out to the cloud are an important strategic shift in network security as financial services firms navigate todays threat landscape with the digital evolution of the modern workforce.

Response

With intrusion detection systems in place, incident response is the next logical step in ensuring attacks are mitigated quickly and effectively once detected. With todays new threats, incident response is required to go beyond having a list of procedures to follow in the event of an attack. A response needs to include integrated tools that provide full visibility into the security posture of the network. It should also include automated solutions that are able to identify and respond to the abnormal activity, and the forensic tools to analyse and ensure similar threats are thwarted in the future. Once malware is detected, its important to have an integrated security structure in place across your entire extended network to mitigate its impact before it can further compromise your network.

Intelligence

Once a threat has been mitigated, the incident response team needs to assess the threat to ensure that protocols are updated to keep similar threats from being successful in the future. Threat research is just as important as intrusion prevention and incident response. Teams study critical areas such as malware, botnets, and zero-day attacks in order to identify device or network vulnerabilities, uncover weak threat vectors, and create mitigation signatures, putting your organisation in the best possible footing to face down threats in the future. In doing so, the broader network security is hardened, and updated with abnormalities to look out for, and enhanced with the tools needed to stop them from causing damage. Solid threat intelligence is key to keepings your network steps ahead of attackers by establishing protocols for both known and unknown vulnerabilities.

Four key changes have made it necessary for financial institutions to re-evaluate their approach to network security: cloud-based infrastructure and services, the rise of IoT, the ever-increasing sophistication of cyberattacks, and stricter government regulations. As the internal network interacts more with the cloud, and attacks become more grandiose, it is inevitable that an attack will successfully breach the network. Which is why it is critical that an organisations security focus shift in order to ensure that once malware has made it into the network, it can be detected and remediation efforts can begin as quickly as possible to ensure the least possible damage and reduce the chance of recurrence.

Continued here:
The evolution of network security strategies being adopted by the financial services sector. - Finextra (blog)