Today's technically superior and incredibly well-funded hackers aren't impeded by breach prevention and traditional security solutions used in financial services organizations, but by using advanced and field-proven deception-based technology, financial firms can go on the offensive—taking the fight to the hackers until they are shut down, the author writes.
By Yoel Knoll
Yoel Knoll is the vice president of marketing at TopSpin Security Inc.
Today's technically superior and incredibly well-funded hackers are not impeded by breach prevention and traditional security solutions used in financial services organizations. Security professionals have accepted that no matter how hard their teams try, it is nearly impossible to keep hackers out of a financial firm's network.
Industry research supports these presumptions. Financial services is an attractive and lucrative target for attackers. According to research by the Ponemon Institute, last year within financial services, 83 percent of organizations experienced more than 50 attacks per month.
Although sophisticated perimeter-based solutions are still the mainstay of financial organizations' security efforts, firms are turning attention and resources away from trying to keep hackers out and toward simply ensuring that all data is safe from intruders. Doing so involves preparing proactive security plans for the inevitable presence of hackers in the network. And in today's complex security climate, more financial organizations are choosing deception solutions as an approach to meet these challenges.
How can financial firms leverage deception-based network security to keep sensitive data safe? Here are three basic steps:
To keep financial and client data safe, an intruder must not be able to gain access to any real private information. That sounds obvious, but what is not so clear is how to accomplish this goal. Financial firms should choose a deception solution that enables them to go on the offensive. This means actively hunting attackers, leading them into decoys, and preventing them from reaching actual company data.
Advanced deception systems also provide useful data about the attackers, proactively developing intelligence to find their command and control systems and to understand how the connection is established and what protocols are being used. The threat intelligence and visibility generated by drawing the attacker in, rather than simply attempting to repulse the attack, enables teams to understand the goals of the attacker, preventing not only the current single attack but also future attacks.
To keep data safe, traps need to be placed correctly in the financial network. Deception solutions with smart monitoring and analysis of the network traffic allow organizations to profile their assets and create an accurate model of their network. Then, they can overlay the network with a deception layer that fits their unique characteristics. There must be enough traps deployed for a hacker to trigger, and enough relevant decoys that look appealing and realistic. For example:
In addition, deception technology must be able to actively adjust itself to changing financial network environments, moving decoys and setting traps automatically as networks evolve. This can be achieved only by constantly monitoring network traffic to adjust to changing networks and protect new assets that are introduced.
With correctly and strategically placed traps and decoys, hackers find themselves looking for financial information in decoys, literally stuck in a false network of fake information. Unknowingly caught in a web of deception, the hacker never fully accesses the real network.
The longer hackers need to look for information, the more time the organization has to stop them and ensure the security of their data. Moreover, in keeping with the concept of an offensive security posture, the longer a hacker engages with a decoy system, the more information can be gathered about the attack, its targets and even its origin. Then, according to the financial firm's incident response and remediation program, teams can take actions such as isolating the infected asset, blocking internet protocol addresses utilized by the attackers and deleting or disabling the process used to launch the attack.
Accepting the futility of prevention-based and traditional defense in financial services is the first step to data security. And once financial organizations agree that hackers will get in, the question is: Do we act or react? By using advanced and field-proven deception-based technology, financial firms can go on the offensive—taking the fight to the hackers until they are shut down.
Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.