Friday, 26 March 2021 00:03

Three security essentials for financial services

By
George Tsoukas, Gigamon ANZ George Tsoukas, Gigamon ANZ

GUEST OPINION by George Tsoukas, Gigamon ANZ: While the financial services industry is no stranger to unexpected events and their repercussions, the current global upheaval is creating unprecedented uncertainty. Faced with this, how should financial services organisations respond?

First they must focus on providing the best possible customer experience in terms of mobile and online application availability, performance and security. For NetOps and InfoSec teams, this means delivering on three core mandates.  

1. Deploy additional capacity and services faster than ever

Practically overnight, NetOps and InfoSec teams must support a vastly different network landscape than before. They must ensure continuity and security while redeploying network resources to enable:

#   Increased demand for mobile banking and online services. Work-from-home has made consumers and SMB customers increasingly reliant on mobile applications and online services. In response to this, financial services organisations have to quickly ramp up capacity for their existing capabilities.

#  New online capabilities: At the same time, companies on a multiyear road map for digital transformation are condensing the plan to move up delivery of new capabilities within days or weeks as the situation evolves from work-from-home to return to work.

#   Work-from-home: Many financial services companies closed their customer service call centres and transitioned their staff to work-from-home. Organisations that made this switch are now considering whether this will become a permanent model, and if so, what application, security and infrastructure changes are necessary to support this model.

2. Shield the company from opportunistic cyber criminals  

In this time of unprecedented change, the technology that financial service organisations and their customers depend on has never been more critical or more foundational. But with the world in flux and IT spread thin, attackers are seeing new opportunities to exploit vulnerabilities and cash in on the changes being made in response to the pandemic.

KPMG warns that cyber attacks have surged and financial services “… firms will need to shore up their cyber defences…”

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) issued a joint alert with the U.K.’s National Cyber Security Centre (NCSC) on the exploitation of the current crisis by cyber criminal and advanced persistent threat (APT) groups.2

In addition to other schemes, the two agencies note that attackers have been probing for known vulnerabilities in VPN gateways and remote-access tools. “The NCSC and CISA have observed actors scanning for publicly known vulnerabilities in Citrix … and [we] continue to investigate multiple instances of this vulnerability’s exploitation.” The Citrix vulnerability (CVE-2019-19781) and its exploitation have been reported online since early January 2020.

3. Do It all while optimising costs amid spending constraints

To deliver security, agility and scalability in a rapidly shifting environment and optimise costs with an uncertain budget, NetOps and InfoSec teams need a solution that provides:

  • Real-time visibility into all network traffic to understand and optimise performance and improve security
  • Analytics to optimise and manage network performance to accommodate and secure increasing volumes of data and traffic
  • A single pane of glass that simplifies network and security operations across physical, virtual and cloud environments 
  • Threat detection and response to find and remediate threats on the network faster and minimise disruption
  • Automation to free up staff and allow them to do more, faster.  

Industry analyst group Gartner identifies improvements in visibility and agility as one of the key benefits of what it calls NetOps 2.0, a set of principles that provide ‘new ways to operate networks’ to keep pace with digital business.

The firm recommends investing in network analytics and automation to reduce friction and improve collaboration between NetOps, InfoSec and DevOps teams, leading to the reduction of manual effort and streamlined value delivery. Adding network analytics and automation tools helps close the skills gap that exists in most organizations.

Read my company’s whitepaper ‘Guide to Zero Trust for Financial Services Organizations’ for more insight into NetOps and InfoSec challenges within financial services, and what’s needed to address those challenges. 

References

   Lewis, James. “COVID-19 Insights – Emerging Risks.” KPMG, April 1, 2020. https://home.kpmg/xx/en/home/insights/2020/04/covid-19-insights-emerging-risks.htm l.

   ‘Alert (AA20-099A): COVID-19 Exploited by Malicious Cyber Actors.’ Cybersecurity and Infrastructure Security Agency (CISA), April 8, 2020. https://www.us-cert.gov/ncas/alerts/aa20-099a.

   Ganguli, Sanjit, John Chessman, and Andrew Lerner. ‘NetOps 2.0: Embrace Network Automation and Analytics to Win in the Era of ContinuousNext.’ Gartner, October 9, 2019. https://www.gartner.com/en/documents/3970170/netops-2-0-embrace-network-automation-and-analytics-to-w.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments