According to the Information Security Media Group, who have compiled a new report, the added network complexity that arises from a multi-channel experience and the offering of new products is leading to financial networks being more at risk from attack. Consequently IT departments have a tougher job defending systems from attack. The outcome is that hackers can find loop holes to exploit lapses in security in order to breach sensitive data.
The report makes six key recommendations. The first is that financial services organizations need to balance their security budgets to embrace new technologies that do more than just the bare minimum. In other words, business budgets should leave sufficient room for the adoption of new technologies designed to meet emerging threats.
The second recommendation is to direct some level of security surveillance inside the firm since a high proportion of attacks come from the inside. The way by which companies can detect this threat is to monitor activity taking place within the network. As an example, application use should be monitored to flag for programs downloaded that are, inadvertently or deliberately, collecting sensitive company data.
The third area is to monitor contractors. Here maintenance companies and office suppliers, for example, could be letting data flow out of the firm or leave holes for hackers to exploit through unsupervised modifications or software updates.
The fourth point is about hacker tactics. While hackers are becoming more sophisticated, for the most part it is the regularity of attacks that leads to vulnerabilities. This means phishing scam after phishing scam, on the basis that eventually one will be successful.
The fifth area is with better monitoring software for security threats. This means sophisticated detection tools that function beyond standard web filtering. This includes packages like penetration testing and file sandboxing. These allow suspicious files to play out in a simulated network environment, rather than being released into the main system.
The sixth area is that hackers are getting younger and they do not seem to mind if they only make a little money. This means that smaller financial services companies are as likely to be tragedy as major banks. IT security providers therefor need to understand the mindset of today’s hackers when setting up defense systems.
