Lessons Learned from Capital One’s Breach: What Banks Need to Know About Data Security in the Cloud

The financial services industry is historically slow to innovate, but banks are finally taking steps toward digital transformation. In fact, Gartner research revealed a third of banking CIOs consider digital to be the top business priority for 2019, an increase of about eight percent from last year.

However, this same report concluded that almost half of global banks are still in the very early stages of their digital journeys.

What’s holding banks back from going all-in on digital? While financial services executives see the opportunities with new digital systems — such as efficiency, productivity and more — the shift away from legacy systems has not been seamless.

Just look at the Capital One breach last month when a hacker gained access to its cloud system, compromising private information for over 100 million customers. Unfortunately, breaches like this are becoming the new normal for enterprises, in the financial industry and beyond, as sensitive data is managed and stored in new digital systems.

Banks can’t grow to accept the potential for cloud security issues - there is too much on the line. A single security snafu could result in a serious hit to brand reputation and bottom lines. In fact, a PwC report found that the overwhelming majority (87%) of consumers will stop doing business with a company if they don’t think they are responsibly handling data.

The good news is that technology providers are racing to innovate with new security offerings that allow financial institutions to anticipate and mitigate potential issues as they move to the cloud. When developing a security strategy to complement banks’ digital transformations, IT leaders must consider technologies that do the following:

Maintain end-to-end security as data is moved and stored

As banks manage critical customer and business data in hybrid and multi-cloud environments, it’s essential to protect information both while it’s at rest (i.e. stored within the cloud) and in motion (i.e. as it moves between systems, for example from a CRM system to a customer support agent’s database). The key here is in addressing end-to-end security needs from the start, protecting data by encrypting it both in rest and motion throughout the enterprise. Securing data as it is distributed across the entire network ecosystem ensures important customer information is protected no matter where the data is in its journey.

Manage access control at scale and in real-time

A strong cloud security strategy should also include technologies that grant organizations full visibility into how data is accessed and used in digital environments. To achieve this, banking IT teams can establish an advanced event mesh that efficiently and seamlessly connects all the disparate systems with which data interacts. From there, administrative systems can effortlessly tap into the wider event mesh to retrieve necessary information in real-time and at scale.

As an added security benefit, the event mesh can also limit the kinds of data that people have access to. For example, limiting someone in the marketing department from accessing highly-sensitive information from recent credit card applications. More importantly, preventing the world from accessing that same data.

Evolve with new systems and remain vendor agnostic

As banks continue their digital transformations, they will undoubtedly introduce new digital systems and even connected devices into their workflows. Therefore, it’s important that they develop a dynamic security strategy that can seamlessly evolve to meet new organizational needs. Banks must identify technology partners that empower them to be agile, secure, and can efficiently incorporate new systems without a hitch. With the banking experience becoming increasingly digital - from consumer-facing apps to back-end technologies like AI - integrating and securing all these new data streams will be essential to successful transformations.

Digital presents immense opportunities for banks to improve operations and customer experience; however, with new systems comes new security challenges. To ensure sensitive information doesn’t fall into the wrong hands, banking IT teams must streamline their data movement strategy and protect it throughout its journey.

Chris Whalen is an experienced technology professional with a focus in cybersecurity. He has a long history in the IT and cybersecurity industry leading many teams and projects, and has spent almost 17 years working for Solace.