Marrying Security and Performance in Financial Services

By the nature of the business, financial services is a high-stakes space. It is highly competitive, for one thing.

Whether it is a consumer-facing bank branch that’s relied upon to offer current financial data to customers at a moment’s notice, or a specialized high-frequency trading firm on Wall Street that require maintaining extreme numbers of simultaneous flows with single-digit microsecond latency, network speed and performance are equally critical to success.

Customers and stakeholders expect this financial data to be managed and monitored constantly. And they expect to receive timely updates in order to make critical financial decisions.

The financial and other personally identifiable information financial organizations store can have catastrophic consequences if handled improperly. Security is extremely important – organizations must assure that unauthorized users can’t steal or tamper with this data. They also must adhere to the strict governance and regulations – the breach of which can lead to heavy fines and penalties.

But the dual priorities of security and performance often are at odds with each other. High-speed performance requires open, fluid networks that utilize a variety of technologies – such as multi-cloud environments, SaaS applications, connected devices, and more. At the same time, these new tools increase the attack surface allowing for an attack or breach that can be just a detrimental to the bottom-line as acting on misleading or outdated information. Security must protect against those issues without compromising the performance of critical services.

The Financial Services Threat Landscape

Financial organizations are a top target for cyber criminals, given the monetary reward that comes from stealing and then selling financial data on the dark web. Data shows that 819 cyber incidents were reported to the Financial Conduct Authority in 2018 – a marked increase from 2017 – confirming that cyber criminals have taken notice of the increased attack surface brought on by digital tools and are actively working to target and exploit those new attack vectors.

These recent cyber incidents targeting financial services show that a wide array of attacks are being deployed to find a way into those networks. According to the aforementioned data, over the past year:

• 49% of financial organizations experienced a malware attack
• 37% experienced spyware
• 35% encountered insider threats
• 31% experience DDoS attacks
• 12% experienced zero-day threats

Looked at in isolation, these data points may seem abstract. However, each of these translates into real business impacts for banks and financial organizations.

• 40% of financial organizations suffered an operational outage that affected productivity.
• 40% experienced a breach that damaged brand reputation.
• 34% experience an operational outage that affected revenue.
• 32% lost critical data.

Evaluating the Changing Threat Landscape

To avoid the types of outcomes mentioned above, leaders of financial institutions need to carefully evaluate need how their networks are changing and how many of the changes that boost performance can leave gaps in security. Some of the most common trends in the ways financial institutions are changing their IT systems – while potentially increasing risk –include:

DevOps and Infrastructure as Code (IaC)

Many organizations are leveraging IaC to accelerate DevOps cycles. This automated provisioning model allows for rapid changes to organizational infrastructure – essential for the regular iterations required of DevOps. Unfortunately, these regular changes can create security gaps and result in unknown vulnerabilities that expose organizations to compromise.

Multi-Cloud

Critical financial data is moving out of internal data centers and into the cloud. And a growing number of organizations rely on multiple cloud providers with different security standards to manage, store, and process this data. In such a fluid and distributed model, perimeter defenses are no longer effective. Security has to span multiple virtual perimeters from data centers, cloud environments, and IoT devices while functioning as a single, integrated solution.

SD-WAN

The costs associated with maintaining high-performance connectivity between branch locations and headquarters using multiprotocol label switching (MPLS) is prohibitive, and its lack of fluid scalability prevents it from meeting growing demands. In addition, moving critical financial data over the public web can increase risk, while a perception of weaker security at remote locations makes them a target. Secure SD-WAN is the answer to these problems.

Focus Areas to Achieve Security and Performance

Security and performance are equally important for financial services organizations and neither can come at the expense of the other. To achieve the right balance, financial services organizations need to marry security and performance by implementing tools and policies that emphasize flexibility, compliance, operational efficiency and visibility.

The competitive landscape requires organizations to accelerate cloud adoption and digitization. The key will be to create a security infrastructure and related security policies that span these new environments while emphasizing agility and flexibility. This will enable secure, compliant access to cloud services and traditional data centers.

In such a highly regulated space, it is essential that teams have access to reporting that demonstrates compliance across multiple regulations, along with get-well recommendations when requirements are not being met. If compliance monitoring and reporting, as well as the implementation of recommended changes can all be automated, IT and governance teams will save time by not having to be diverted from more strategic initiatives to address issues arising from compliance audits.

To maximize efficiency and IT resources, financial services teams should emphasize integration in their security program. Because modern attacks use automation and sophisticated evasion tactics to avoid detection and subvert security measures, relying on the manual correlation of data and the implementation of controls across the network leaves organizations more vulnerable to attack and slow response times. Automation is key for detecting and responding to threats at digital speeds.

Financial IT teams also must create policies that ensure visibility into each digital tool and device operating within the network. Without this clear visibility, financial organizations are more prone to data-leakage, insider threats, and non-compliance. This includes breaking down siloes that exist between point security solutions.

Final Thoughts

As financial services networks expand though digitization, and cyber criminals ramp up attacks against the expanding attack surface, organizations must focus on prioritizing security and performance simultaneously. Focusing on flexibility, simplified compliance reporting, visibility, and efficiency are key to staying competitive and avoiding security incidents in today’s high-speed and high-stakes digital marketplace.

About the author: Renee Tarun is deputy CISO at Fortinet. She is focused on enterprise security, compliance and governance, and product security.