Heads Up

Heads Up

Achieving enhanced situational awareness through intelligence gathering in the financial market

  • By Kevin Wine
  • Nov 01, 2016

The financial business is always evolving to meet the growing demands of customers, and organizations have shifted priorities significantly to provide the highest level of service and convenience. Branches are becoming more modern, with virtual tellers, mobile account offerings, and ATMs with advanced capabilities, and services are becoming more mobile. However, these changes also significantly impact security operations.

Business has evolved as have risks. In today’s financial environment, threats are greater and therefore, fraud reduction and risk mitigation are much larger issues than in the past. Leaders recognize the potentially costly and damaging disruptions if threats are not adequately controlled. According to PricewaterhouseCoopers Global State of Information Security Survey 2016, financial institutions are spending an average of 14 percent more on security efforts over previous years.

As cyber-attacks and violent incidents escalate, stakeholders seek to link cyber security with traditional security efforts to increase situational awareness and pivot towards a more proactive risk management strategy. Technologies, such as Big Data analysis, video analytics, and threat protection systems, are in high demand. Additionally, internal collaboration initiatives, which are designed to bring together once-siloed departments, are growing in popularity.

MANAGING RISK

Managing the risks financial institutions face every day is paramount to building an adequate security posture. Here we take a look at these threats, and ways security teams can build the right solution.

Globalization. The business world becomes smaller as more companies expand globally and work toward unifying systems and teams. However, as organizations continue to grow and expand into new markets, there is a greater security risk. Organizations need to have detailed knowledge of operating regions, especially volatile or emerging economies. Security leaders need to monitor for natural disasters and unrest to ensure the safety of those traveling on behalf of the company or working in high-risk locations.

Sophisticated threat matrixes. Modern criminals are more sophisticated than ever, and financial organizations must grapple with high-tech schemes and, in some cases, globally organized crime. With this heightened level of risk, banks are being forced to tackle physical and cyber security in a more unified way, gathering input from a variety of departments in an effort to gain enhanced awareness.

Collaboration. Information-sharing is crucial in today’s business environment. Improved exchange of information delivers a broad range of benefits by allowing financial organizations to communicate efficiently across multiple locations, which can help officials detect known criminals and recognize the beginning of a network breach. By taking a collaborative approach, financial institutions can minimize risks that are inherent in standalone systems. Additionally, leaders can tap into Web and social media intelligence to tap into a wider network and monitor conversations.

Integrated solutions. Open-source platforms allow users to access valuable data from multiple sources. Real-time information allows security officials and employees to make quick decisions that help improve the safety and protection of the company, its employees and its assets. Following an incident, operators can export video data, transaction records, and other vital information to aid in a faster, more efficient investigation. At the same time, an ongoing information exchange with regulatory agencies helps banks to stay in compliance.

In today’s modern security operations center, hundreds of different data sources are leveraged to help create a comprehensive and robust security posture. Often, these sources operate separately, and officials tasked with manually identifying potential anomalies and trends. However, this can be a timeconsuming and complicated process because of a large amount of data being collected and analyzed on a daily basis.

Financial institutions require intelligence that can help identify ways to deter, detect, and respond to potential threats, both physical and cyber. The use of intelligent software and data analysis increases situational awareness and enhances security, improving information sharing and faster response. Combining disparate systems into one interface, allows banks to see not only the most relevant data, but the most important information in a combined format within a single, intuitive interface. Overall, this approach streamlines the identification of security and business trends to gain new levels of insight across an organization.

HARDENING THE NETWORK

The increase in advanced cyber attacks continues to cause significant financial, operational, and reputational damage to banks and financial institutions. These attacks exploit the gaps in traditional security approaches, such as a lack of shared intelligence, excessive false alarms, insufficient automation, and a shortage of cyber analysts. Financial organizations require a whole new paradigm for cyber defense—one that eliminates guesswork by allowing analysts to dive deeper, gather the most accurate information, and gain a complete understanding of what’s going on at any given time.

Threat protection systems help businesses meeting the complexities of today’s increasingly common cyber threats. These platforms combine intelligent multi-vector attack detection, automated searches, in-depth forensics, and actionable response into one platform. It continuously gathers evidence and intelligence by monitoring networks, payloads, and endpoints to confirm or refute an attack, and presents its findings in a unified workspace for further review. Analysts receive accurate, localized threat intelligence needed to mitigate attacks—the system may evaluate thousands of alerts but only presents the most significant findings, each complete with recommendations for incident response.

ACTIONABLE INTELLIGENCE

The ability to visualize trends within seconds and take immediate action is invaluable to security personnel. Banks experience greater intelligence by fusing together information from IT networks, social media, video surveillance, global criminal databases, the Internet, and business and IT systems. Comprehensive data collection allows leaders to take a proactive approach by enabling them to see what’s happening, where it’s going on, how it might impact their organization and then develop what steps to take to address a situation or mitigate a threat before it occurs.

By moving away from reactive security, financial institutions can better detect a broad range of threats—both internally and externally. Leveraging the right data points to achieve new levels of situational awareness is paramount in ensuring banks have the right strategies to increase security, reduce fraud and ensure longevity.

This article originally appeared in the November 2016 issue of Security Today.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

Most   Popular

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”