The financial services sector is ahead of the curve when it comes to data security. Interconnectivity and regulatory compliance have ensured this. But in an effort to install the right defences, the sector has embraced too many individual point solution tools, creating disparate, unmanageable networks that leave the industry increasingly vulnerable.
To make sure that the financial advisory and wealth management sector doesn’t become the latest victim in the ongoing cyberwar, there are three very simple questions that IT teams should be able to answer:
1) How many devices are connected to your network?
2) What software is running on those devices?
3) What is that software doing right now?
Many organisations can’t answer these simple questions.
Those that can, often can’t answer quickly enough. If you can’t answer the first two questions, stopping even the simplest of attacks is impossible. The overwhelming majority of breaches come through the exploitation of basic vulnerabilities.
If every endpoint on the network is known, patched and secure, the chance of being breached is significantly lower. Despite the stereotypes we have about cybercrime, a successful attack isn’t likely to come in the form of a nation-state actor deploying a new advanced persistent threat.
Most successful breaches are the result of a known vulnerability. So, regardless of the attacker's origin — whether nation-state, organised crime syndicate or an unsophisticated bedroom hacker — the best defence is getting the fundamentals right.
As for question number three, firms need to know what their software is doing right now, so they can recognise unusual and inappropriate behaviour. If you know that your software is acting in an abnormal way and you can see your data flowing to places where it shouldn’t, you can see a breach playing out before your eyes.
This may be an outsider sitting on your network, searching for personal data to blackmail your clients, or sensitive information relating to mergers and acquisitions which could yield a healthy profit on the equities market. Or, more commonly for financial advisory and wealth management companies, it could be someone inside the business acting in their own interest.
The number of staff (of all grades) with access to sensitive data, and the relative ease with which that data can be used to profit commercially, leave the financial services sector at far greater risk.
Just as the threats are so often simple, so is the solution.
Legacy technology that doesn’t tell you what devices are on your network, what software they’re running and what it’s doing at any given moment should be discarded. If you can’t pinpoint the threat to a single machine, you won’t be able to disrupt the threat to the wider network. The old perimeter defence model isn’t fit for the modern cyber threat. It doesn’t give you the speed, coverage or precision that you need. It can’t help you deal with enemies already inside the city walls.
If your IT teams can answer those three basic questions above, they’ll have inoculated themselves against the most prevalent of risks and secured the most vital of business currencies — trust.