Author: Clayton Locke
Financial services organisations can no longer protect their networks at the perimeter and proactive measures within business applications themselves are needed.
According to PwC, 93% of large organisations suffered a security breach last year, with three quarters of banks’ CEOs identifying cyber-crime as a threat to growth. Last week, J.P Morgan revealed it had been victim to a massive hack affecting over 80 million customers. The bank was not aware of the hackers in their system.
It’s clear cyber-crime is more sophisticated than ever and improvements to cyber-security must accelerate to keep up. Financial services organisations can no longer protect their networks at the perimeter. Proactive measures within the business applications themselves are now required.
A new focus on attack detection and response is crucial.
The AppSensor project, created by The Open Web Application Security Project (OWASP) is a progressive security framework designed to detect and respond to threats. It features over 50 detection points that identify suspicious activity of varying severity. Different responses, from automatic log-out to sending alert messages to a dashboard are activated by a central security monitor. LogRhythm’s Security Intelligence Platform is a good example of how the OWASP framework can translate into a commercial application.
Intelligence networks are yet another effective response to cyber-crime. For example, ThreatMetrix’s Global Trust Intelligence Network provides its users with relevant threat intelligence and insight into the behaviour of online personas. It does this by analysing activity from over 10,000 websites from its customer base, helping businesses prevent attacks before they happen.
Security is fundamental to the services provided to banking customers. According to our recent research, 87% of consumers would look to change providers if they thought that their provider was not secure. Advanced security measures are required now, to build trust and keep customers.