financial institutions

(Source – Shutterstock)

Financial institutions need to prioritize network security

Financial institutions need to ensure they have adequate cybersecurity protection and can deal with the increasing threats they face. While regulatory requirements ensure that security is a top priority for financial institutions, the reality is, cybercriminals always seem to find a way to cause problems.

According to a study by Boston Consulting Group, financial services firms are 300 times as likely as other companies to be targeted by a cyberattack. Dealing with those attacks and their aftermath carries a higher cost for banks and wealth managers than for any other sector. With financial institutions facing various complexities such as compliance, identities and authentication, security, and several others, network monitoring is one way of finding and preventing breaches without disrupting compliance.

For John Yang, Vice President, Progress, Network Security Monitoring is based on the collection of data to perform detection and analysis. The ideal solution will give the financial institution complete visibility into the status of network devices, systems, and applications, and see network devices, servers, virtual machines, cloud, and wireless environments in context.

financial institutions

John Yang, Vice President, Progress

“Users of network monitoring tools should be able to click on any device to get immediate access to a wealth of related network monitoring settings and reports so that they can see how everything is connected. Similarly, financial institutions need a solution that provides detailed visibility into their network traffic to see which users, applications, and protocols are consuming bandwidth. This insight allows the user to set up bandwidth usage policies, and detect unusual and anomalous usage that could indicate a security issue,” explained Yang.

Simplifying security management for financial institutions

Interestingly, Yang pointed out that the systems designed to help such as IT alerting tools, can at times be overwhelming for IT teams. Yang highlighted that Ovum research into banks found that 40% get hit with an average of 160,000 mistaken, redundant, or irrelevant alerts every day.

“The culprit is alert overload from myriad security tools. While it is good in principle that banks are taking cybersecurity seriously by investing in security tools of various types, given that Ovum found that 73% of banks had at least 25 separate security tools, it probably does more harm than good,” added Yang.

For Yang, the answer clearly is to implement a network monitoring solution that intuitively addresses all the financial institution’s compliance, authentication, and security challenges on a single platform.

“The financial sector is constantly changing, and institutions must adapt to their customers’ changing needs as well as the global marketplace. In a sector where trust is the cornerstone of conducting business, banking interruptions result in a loss of consumer confidence and a tarnished reputation. That means their networks must always be at optimum performance while delivering smooth, accurate, and secure connectivity. To ensure this, financial institutions have to invest in network monitoring,” explained Yang.

At the same time, Yang also felt that vendors in the cybersecurity space need to comply with specific standards to be able to operate in this space. There are vulnerability assessments that all financial institutions should apply to every new software or solution that they implement into their environment to make sure it’s bullet-proof.

As such, he believes that emerging technologies like Network Detection and Response (NDR), which leverages non-signature-based tools and techniques like artificial intelligence and machine learning to detect, react and respond to cyber threats and anomalous behavior in the network. Financial institutions can also leverage NDR solutions to complement their security stack and feed the detected anomalies to log management tools like SIEM (security information and event management).