Achieving enhanced situational awareness through intelligence gathering in the financial market
- By Kevin Wine
- Nov 01, 2016
The financial business is always evolving to meet the growing demands
of customers, and organizations have shifted priorities significantly
to provide the highest level of service and convenience. Branches are
becoming more modern, with virtual tellers, mobile account offerings,
and ATMs with advanced capabilities, and services are becoming
more mobile. However, these changes also significantly impact security operations.
Business has evolved as have risks. In today’s financial environment, threats are
greater and therefore, fraud reduction and risk mitigation are much larger issues
than in the past. Leaders recognize the potentially costly and damaging disruptions
if threats are not adequately controlled. According to PricewaterhouseCoopers
Global State of Information Security Survey 2016, financial institutions are
spending an average of 14 percent more on security efforts over previous years.
As cyber-attacks and violent incidents escalate, stakeholders seek to link cyber
security with traditional security efforts to increase situational awareness and
pivot towards a more proactive risk management strategy. Technologies, such as
Big Data analysis, video analytics, and threat protection systems, are in high demand.
Additionally, internal collaboration initiatives, which are designed to bring
together once-siloed departments, are growing in popularity.
Managing the risks financial institutions face every day is paramount to building
an adequate security posture. Here we take a look at these threats, and ways security
teams can build the right solution.
Globalization. The business world becomes smaller as more companies expand
globally and work toward unifying systems and teams. However, as organizations
continue to grow and expand into new markets, there is a greater security risk.
Organizations need to have detailed knowledge of operating regions, especially
volatile or emerging economies. Security leaders need to monitor for natural disasters
and unrest to ensure the safety of those traveling on behalf of the company or
working in high-risk locations.
Sophisticated threat matrixes. Modern criminals are more sophisticated than
ever, and financial organizations must grapple with high-tech schemes and, in
some cases, globally organized crime. With this heightened level of risk, banks are
being forced to tackle physical and cyber security in a more unified way, gathering
input from a variety of departments in an effort to gain enhanced awareness.
Collaboration. Information-sharing is crucial in today’s business environment.
Improved exchange of information delivers a broad range of benefits by allowing financial organizations to communicate
efficiently across multiple locations,
which can help officials detect known
criminals and recognize the beginning
of a network breach. By taking a collaborative
approach, financial institutions
can minimize risks that are inherent in
standalone systems. Additionally, leaders
can tap into Web and social media
intelligence to tap into a wider network
and monitor conversations.
Integrated solutions. Open-source
platforms allow users to access valuable
data from multiple sources. Real-time
information allows security officials and
employees to make quick decisions that
help improve the safety and protection
of the company, its employees and its
assets. Following an incident, operators
can export video data, transaction records,
and other vital information to aid
in a faster, more efficient investigation.
At the same time, an ongoing information
exchange with regulatory agencies
helps banks to stay in compliance.
In today’s modern security operations
center, hundreds of different data
sources are leveraged to help create a
comprehensive and robust security posture.
Often, these sources operate separately,
and officials tasked with manually
identifying potential anomalies and
trends. However, this can be a timeconsuming
and complicated process because
of a large amount of data being
collected and analyzed on a daily basis.
Financial institutions require intelligence
that can help identify ways to
deter, detect, and respond to potential
threats, both physical and cyber. The
use of intelligent software and data
analysis increases situational awareness
and enhances security, improving information
sharing and faster response.
Combining disparate systems into one
interface, allows banks to see not only
the most relevant data, but the most
important information in a combined
format within a single, intuitive interface.
Overall, this approach streamlines
the identification of security and business
trends to gain new levels of insight
across an organization.
HARDENING THE NETWORK
The increase in advanced cyber attacks
continues to cause significant financial,
operational, and reputational damage
to banks and financial institutions.
These attacks exploit the gaps in traditional
security approaches, such as
a lack of shared intelligence, excessive
false alarms, insufficient automation,
and a shortage of cyber analysts. Financial
organizations require a whole
new paradigm for cyber defense—one
that eliminates guesswork by allowing
analysts to dive deeper, gather the most
accurate information, and gain a complete
understanding of what’s going on
at any given time.
Threat protection systems help businesses
meeting the complexities of
today’s increasingly common cyber
threats. These platforms combine intelligent
multi-vector attack detection,
automated searches, in-depth forensics,
and actionable response into one platform.
It continuously gathers evidence
and intelligence by monitoring networks,
payloads, and endpoints to confirm
or refute an attack, and presents
its findings in a unified workspace for
further review. Analysts receive accurate,
localized threat intelligence needed
to mitigate attacks—the system may
evaluate thousands of alerts but only
presents the most significant findings,
each complete with recommendations
for incident response.
The ability to visualize trends within
seconds and take immediate action is
invaluable to security personnel. Banks
experience greater intelligence by fusing
together information from IT networks,
social media, video surveillance,
global criminal databases, the Internet,
and business and IT systems. Comprehensive
data collection allows leaders to
take a proactive approach by enabling
them to see what’s happening, where it’s
going on, how it might impact their organization
and then develop what steps
to take to address a situation or mitigate
a threat before it occurs.
By moving away from reactive security,
financial institutions can better
detect a broad range of threats—both
internally and externally. Leveraging the
right data points to achieve new levels of
situational awareness is paramount in
ensuring banks have the right strategies
to increase security, reduce fraud and
This article originally appeared in the November 2016 issue of Security Today.