“The frequency and scale of attacks on banking institutions and financial service providers mean that simply meeting minimum compliance standards is no longer acceptable to customers, shareholders, or the Board. Building cyber resilience with an ‘assume compromise’ mindset using Zero Trust Segmentation is now a requirement.”
Raghu Nandakumara, Head of Industry Solutions at Illumio
Banks face many challenges. One of them is to comply with many different regulations. Compliance with the prescribed standards is vehemently demanded by the regulatory authorities due to the critical importance of the financial sector. Failure to comply with applicable regulations and guidelines can result in criminal penalties and heavy fines.
The regulatory requirements for financial institutions are complex. Licensed banks in Singapore, for example, are subject to statutory obligations to protect the privacy of customer information, as set out in Section 47 of the Banking Act. Under this section, customer information cannot in any way be disclosed by a bank or any of its officers to any other person except as expressly provided within the Act. The Personal Data Protection Act (PDPA) also provides a base standard of protection for personal data, complementing legislative and regulatory frameworks that are sector-specific.
Regulatory requirements apply to banks of all sizes, but implementing these requirements costs time and money. This is a challenge for smaller banks because the necessary experts are few and the costs put pressure on margins. For large banks, the challenge is not letting the implementation costs get out of hand. In these cases, Zero Trust Segmentation has a significant role to play.
Moving from prevention to containment
Zero Trust Segmentation applies the Zero Trust principles of “never trust, always verify” to contain the spread of breaches and ransomware across the hybrid attack surface. It does this by continually visualising how workloads and devices are communicating, creating granular policies that only allow wanted and necessary communication, and automatically isolating breaches by restricting lateral movement proactively or during an active attack.
You can think of Zero Trust Segmentation like a hotel where each guest has their own key card. An intruder might be able to gain access to the lobby (an acceptable risk), but they can’t access other floors or rooms. Zero Trust Segmentation functions in the same way, ensuring the division of endpoints, clouds, and data centres into segments to protect them from potential threats.
Compliance and cybersecurity with one solution
Meeting regulatory requirements is important, but strengthening banks’ security posture is critical. Financial organisations often have a complex IT infrastructure, comprising many endpoints, interconnected systems, and hybrid IT. This makes it hard for security teams to maintain visibility of their entire estate. You can’t secure what you can’t see.
Real-time visibility and a comprehensive view of application traffic and communications are an integral part of implementing IT security and making policy decisions. Some banks have gone further by augmenting these mapping capabilities with overlays of results from existing vulnerability scanning tools. In this way, the banks gain insight into the most vulnerable and unpatched servers and connections that attackers could exploit.
In addition to meeting compliance regulations, Zero Trust Segmentation also enables banks to make dramatic improvements to their overall IT security posture and cyber resilience, by strengthening defences and minimising the risk of operational disruptions. Research also found that organisations with mature Zero Trust Segmentation strategies are twice as likely to avoid a critical service outage and save $2.1 million on annual downtime costs.
Boosting cyber resilience in banking
Cyber resilience is critical for banks as the financial industry has always been a target for cyberattackers. Banks collect enormous amounts of data, including personal information, credit card information, social security numbers, data on investments, loans, and much more. They are essentially the guardians of very important parts of everyone’s digital identity.
Cyberattackers know this, too, and so cyber threats to banks have increased dramatically once again in recent years. According to the IBM X-Force Threat Intelligence Index 2022, the financial industry was the most affected by cyberattacks for five consecutive years from 2016 to 2020. This is mainly due to the increasing digitalisation of the financial industry. No banking process today runs without digital support. The hyperconnectivity between users, applications, data, and devices increases the attack surface of banks enormously and thus also the cyber risk.
The rise of ransomware
A major threat to banks is currently posed by ransomware attacks, which can lock down and paralyse entire IT systems. For banks, these attacks and the resulting business interruptions can threaten their very existence.
The most worrying thing about ransomware is the fact that it has evolved from simply stealing data to impacting availability. It is no longer just a security problem; it is an operational issue with impacts including extended operational downtime, as well as huge financial and reputational damages.
Banks must therefore take measures to stop attacks quickly. Limiting and containing security breaches are key. This is cyber resilience: the ability to maintain the function of IT systems even in the event of an ongoing cyberattack. To do this, companies must move away from the traditional “find and fix” approach to cybersecurity and focus instead on stopping the spread of attacks and minimising the impact of a breach through breach containment.
Guarding against ransomware and other kinds of breaches has become more than just a cybersecurity problem – it’s now a business resilience challenge at the highest levels.