Financial services took a particularly hard hit in 2020 in terms of ransomware and other cyber-attacks, to put it mildly. As with enterprises across most verticals, financial services organizations had to pivot primarily to remote work last year, and digital services became more important than ever.
Unfortunately, this pivot created new opportunities for cybercriminals to exploit. They are focusing on weak points in the security infrastructure of financial institutions to gain access to highly targeted and lucrative data. These trends are likely to continue in 2021. That’s why IT security leaders need to carefully re-examine their strategies to identify any potential gaps.
These threats will continue to increase, and the financial services industry will need new solutions. As financial institutions remain under threat of constant attack, CISOs and other security leaders will need to look at flexible and agile cybersecurity solutions. These tools will enable IT and security to scale and adapt without compromising security and performance.
An increased reliance on the cloud is likely as digital services increase in importance. Consequently, maintaining visibility and control across cloud, on-premises, and hybrid environments will be pivotal for financial institutions. That will require a broad suite of security tools that covers the entire attack surface, including all users, applications, and devices – on and off the network. The suite must also include Zero Trust Access (ZTA) tools that are integrated to reduce the complexity of managing multiple solutions and vendors.
Understanding the landscape
As financial services professionals know well, the industry is a huge target for cybercriminals – due to the value of the information and assets financial institutions hold. (It’s the same reason that people still rob banks regularly.) But 2020 was particularly bad in terms of cyber-attacks, in large part because of the shift to remote work – which opened up new attack vectors.
As I noted in a previous article for Banking Exchange, ransomware has increased in both volume and level of sophistication. This type of attack tops the list of threats, due both to its prevalence and its potential for damage.
More visibility and Zero Trust access are necessary
Zero Trust is not a new concept within the security profession, but it’s becoming more and more important. The idea of Zero Trust is that you don't want to grant privileges to users or devices without verifying who they are. Instead of assuming anyone or anything that has successfully logged onto a network is trustworthy, no user or device gets broad access. By using a ZTA strategy, each time people and devices access your network, you know who they are and control what they have access to.
This is especially key when it comes to managing remote workers. Knowing every person and every device on your network and then providing explicit access to the resources they need improves user experience for remote workers. It also helps ensure that you’ve applied proper protections to applications, whether in the corporate network or a public cloud.
Users need access to business-critical applications no matter where they or their devices are located. Yet the dynamic and distributed nature of today’s networks makes ensuring consistent access harder. Network admins need to control who accesses which applications irrespective of location. Zero Trust network access (ZTNA) enables organizations to do this by extending their Zero Trust model beyond the network. Instead of focusing exclusively on the network layer, ZTNA goes up a layer, effectively providing application security that is independent of the network.
This model also helps address the growing problem of insider threats. Though managing traditional insider risk is surely already part of any financial services organization’s IT strategy, managing the rapid proliferation of remote workers may not be. Addressing remote worker threats in financial services is challenging, but by taking certain steps, security teams can manage the risk. These include encrypting data at rest and educating your remote workforce about your specific security policies and about social engineering techniques like phishing.
Deploying visibility and access control technology like Zero Trust is one of those steps. When it comes to the visibility of users, devices, and applications on the network, IT teams need all the help they can get so they can control which users and applications have access.
Trust none, verify all
Any organization that holds financial data has a big, red target painted on it. Because this is the case, and because threats continue to shift, the financial services industry (FSI) must continue to adapt its protective strategies. The massive shift to remote work created new vulnerabilities for criminals to exploit. IT security teams must counter these exploits with new tools and strategies, including Zero Trust access. This model creates the greater visibility organizations need so they know who and what is on their network at all times. In turn, this enables the security team to spot intruders faster, reducing dwell time and potential harm.
By Renee Tarun, deputy CISO, Fortinet