Heads Up

Achieving enhanced situational awareness through intelligence gathering in the financial market

• By Kevin Wine
• Nov 01, 2016

The financial business is always evolving to meet the growing demands of customers, and organizations have shifted priorities significantly to provide the highest level of service and convenience. Branches are becoming more modern, with virtual tellers, mobile account offerings, and ATMs with advanced capabilities, and services are becoming more mobile. However, these changes also significantly impact security operations.

Business has evolved as have risks. In today’s financial environment, threats are greater and therefore, fraud reduction and risk mitigation are much larger issues than in the past. Leaders recognize the potentially costly and damaging disruptions if threats are not adequately controlled. According to PricewaterhouseCoopers Global State of Information Security Survey 2016, financial institutions are spending an average of 14 percent more on security efforts over previous years.

As cyber-attacks and violent incidents escalate, stakeholders seek to link cyber security with traditional security efforts to increase situational awareness and pivot towards a more proactive risk management strategy. Technologies, such as Big Data analysis, video analytics, and threat protection systems, are in high demand. Additionally, internal collaboration initiatives, which are designed to bring together once-siloed departments, are growing in popularity.

MANAGING RISK

Managing the risks financial institutions face every day is paramount to building an adequate security posture. Here we take a look at these threats, and ways security teams can build the right solution.

Globalization. The business world becomes smaller as more companies expand globally and work toward unifying systems and teams. However, as organizations continue to grow and expand into new markets, there is a greater security risk. Organizations need to have detailed knowledge of operating regions, especially volatile or emerging economies. Security leaders need to monitor for natural disasters and unrest to ensure the safety of those traveling on behalf of the company or working in high-risk locations.

Sophisticated threat matrixes. Modern criminals are more sophisticated than ever, and financial organizations must grapple with high-tech schemes and, in some cases, globally organized crime. With this heightened level of risk, banks are being forced to tackle physical and cyber security in a more unified way, gathering input from a variety of departments in an effort to gain enhanced awareness.

Collaboration. Information-sharing is crucial in today’s business environment. Improved exchange of information delivers a broad range of benefits by allowing financial organizations to communicate efficiently across multiple locations, which can help officials detect known criminals and recognize the beginning of a network breach. By taking a collaborative approach, financial institutions can minimize risks that are inherent in standalone systems. Additionally, leaders can tap into Web and social media intelligence to tap into a wider network and monitor conversations.

Integrated solutions. Open-source platforms allow users to access valuable data from multiple sources. Real-time information allows security officials and employees to make quick decisions that help improve the safety and protection of the company, its employees and its assets. Following an incident, operators can export video data, transaction records, and other vital information to aid in a faster, more efficient investigation. At the same time, an ongoing information exchange with regulatory agencies helps banks to stay in compliance.

In today’s modern security operations center, hundreds of different data sources are leveraged to help create a comprehensive and robust security posture. Often, these sources operate separately, and officials tasked with manually identifying potential anomalies and trends. However, this can be a timeconsuming and complicated process because of a large amount of data being collected and analyzed on a daily basis.

Financial institutions require intelligence that can help identify ways to deter, detect, and respond to potential threats, both physical and cyber. The use of intelligent software and data analysis increases situational awareness and enhances security, improving information sharing and faster response. Combining disparate systems into one interface, allows banks to see not only the most relevant data, but the most important information in a combined format within a single, intuitive interface. Overall, this approach streamlines the identification of security and business trends to gain new levels of insight across an organization.

HARDENING THE NETWORK

The increase in advanced cyber attacks continues to cause significant financial, operational, and reputational damage to banks and financial institutions. These attacks exploit the gaps in traditional security approaches, such as a lack of shared intelligence, excessive false alarms, insufficient automation, and a shortage of cyber analysts. Financial organizations require a whole new paradigm for cyber defense—one that eliminates guesswork by allowing analysts to dive deeper, gather the most accurate information, and gain a complete understanding of what’s going on at any given time.

Threat protection systems help businesses meeting the complexities of today’s increasingly common cyber threats. These platforms combine intelligent multi-vector attack detection, automated searches, in-depth forensics, and actionable response into one platform. It continuously gathers evidence and intelligence by monitoring networks, payloads, and endpoints to confirm or refute an attack, and presents its findings in a unified workspace for further review. Analysts receive accurate, localized threat intelligence needed to mitigate attacks—the system may evaluate thousands of alerts but only presents the most significant findings, each complete with recommendations for incident response.

ACTIONABLE INTELLIGENCE

The ability to visualize trends within seconds and take immediate action is invaluable to security personnel. Banks experience greater intelligence by fusing together information from IT networks, social media, video surveillance, global criminal databases, the Internet, and business and IT systems. Comprehensive data collection allows leaders to take a proactive approach by enabling them to see what’s happening, where it’s going on, how it might impact their organization and then develop what steps to take to address a situation or mitigate a threat before it occurs.

By moving away from reactive security, financial institutions can better detect a broad range of threats—both internally and externally. Leveraging the right data points to achieve new levels of situational awareness is paramount in ensuring banks have the right strategies to increase security, reduce fraud and ensure longevity.

This article originally appeared in the November 2016 issue of Security Today.