Tag: next-gen firewall

02 Apr 2021
Is Cybersecurity Your Weakest Link

Is Cybersecurity Your Weakest Link?

Is Cybersecurity Your Weakest Link

Is Cybersecurity Your Weakest Link?

The financial landscape has changed drastically in the last 20 years, one of the most notable changes being the variety of financial services now being offered online. Although the wide-spread use of internet has made it possible to receive financial guidance from anywhere in the world, it has also created an environment where sensitive information and data could potentially be compromised by cybercriminals.

Today, professional hackers are spending more time and money than ever before to gain access to personal information for both monetary gain and “professional” recognition. The sensitive information that the financial services industry has access to continues to make them a prime target for hackers and other cybercriminals. Attacks can range from malware threats, DDOS attacks, phishing attempts and data breaches – all of which bad actors can use to commit fraud themselves or sell to a third-party.

Importance of Being Secure

 

Cybercrime continues to be a growing problem for banks and credit unions across the country. The impact of a cybercrime can be very costly for a financial institution, both financially and from a reputational standpoint. The main risks include theft or unauthorized access to sensitive customer information along with the disruption of normal business operations.

In addition, as the number of security threats continues to increase in the financial services industry, regulators are taking a closer look at financial institutions’ policies and procedures to ensure that they can effectively safeguard confidential and non-public information. As an example, the Federal Financial Institutions Examination Council’s (FFIEC) Cybersecurity Assessment Tool (CAT) is designed to ensure financial institutions are prepared in the event of a cybersecurity attack. The FFIEC CAT is now the guide regulators are using to examine institutions and determine their level of cybersecurity preparedness.

Some of the most common security threats financial institutions face today include:

Malware and Ransomware

 

Ransomware has established itself as one of the leading cyber threats for many organizations, but especially financial institutions. Using ransomware technologies, hackers can gain complete access and control over legitimate websites, often by encrypting data or programs, and extort ransom payments from victims in exchange for restoring access to the individual or business. Malicious software, or “malware”, is no longer characterized by simple aggravating popups and sluggish computer performance, but rather the encryption of all data on a machine, rendering it unusable.

Internet of Things (IoT) Attacks

 

Unsecured Internet of Things (IoT) devices such as DVRs, home routers, printers and IP cameras are vulnerable to attack since they are not required to have the same level of security as computers. To breach a financial institution, attackers will target insecure devices to create a pathway to other systems. Unsecure IoT devices are also used to launch distributed denial-of-service attacks (DDoS) against institutions. These DDoS attacks prevent legitimate users from accessing computer systems, devices or other online resources. The perpetrator floods the victim’s machine or network with false requests from various sources to overload the system and prevent legitimate access. A well-executed attack can interrupt a host of banking services including website access, ATM networks, and online banking platforms, in addition to internal systems and functions.

Phishing Scams

 

Phishing scams that specifically target financial institutions’ employees, attempting to obtain sensitive information such as usernames and passwords, have become increasingly common within the last few years. The goal of phishing is to direct employees to a fraudulent website where they are asked to share login credentials and other personal information. The information that employees are tricked into providing then allow for cybercriminals to read a bank or credit union’s critical information, hack into the employee’s bank and social media accounts, send emails on an employees’ behalf, and gain access to internal documents and customer financial information.

Lack of Third-Party Vendor Security

 

While a financial institution might have the right security systems and policies in place to protect itself and its customers from a cyber-attack, its third-party providers may not have the same level of security and diligence. This creates a major vulnerability for the financial institution. Without a proactive approach to vendor management, financial institutions are opening themselves up to increased levels of risk that can have a negative impact on the institution’s financial standing, compliance posture and overall ability to serve its customers. Federal regulators have issued guidelines to help institutions better understand and manage the risks associated with outsourcing a bank activity to a service provider. The FFIEC IT Examination Handbook was revised to help guide banks to properly establish and maintain effective vendor and third-party management programs.

Insider Threats

 

Often, all it takes is a disgruntled employee or ex-employee to release valuable security information and compromise system and data security. Additionally, cybercriminals are increasingly realizing success through bribery as a means to entice bank employees to give up their login credentials or other security information, allowing direct access to internal systems.

Lack of Employee Training and Security Expertise

 

The COVID-19 pandemic has certainly brought its share of challenges to the financial sector of business, including increased network vulnerability and internal threats as employees transitioned to a remote work environment. These changes required cybersecurity personnel to change their online security baseline and continuously adapt to the changing IT security landscape. With the increased popularity of remote work, company IT staff are encouraging employees to take charge of their own online security through testing and training. The training includes topics like the importance of password security and multi-factor authentication and helps employees understand their roles and responsibilities in protecting against security threats. Until this learning gap is resolved, financial institutions will continue to struggle to efficiently manage cybersecurity threats.

Combating Security Threats and Ensuring Institution Security

 

While cybersecurity has become a major point of discussion among professionals within the financial industry, the truth is that many financial institutions are too complacent when it comes to protecting themselves. With hackers using advanced technology, the “bare minimum protection” is no longer enough to keep sensitive information safe. To adequately protect against security threats, financial institutions must ensure that every device on the network has up-to-date antivirus software, adequate firewall protections and that all patches are up-to-date as a minimum requirement. In addition, financial institutions should also employ a layered security strategy, from the end-user to the internet to establish a secure IT environment. Adding preventive, detective and responsive layers to IT security strategy will help strengthen an institution’s approach and build an effective security foundation.

A uniquely tailored layered security approach enables financial institutions to:

  • Monitor antivirus for servers, workstations, and off-site laptops
  • Use services that evaluate site lookups to avoid exposure to compromised websites
  • Scan the network for vulnerabilities and detect unusual activity against hackers and rogue employees
  • Block access to all external ports while also monitoring the access of various machines
  • Meet government regulations and requirements
  • Counter extortion threats by preventing a hacker from holding your customer’s personal data for ransom with special customized software for stopping ransomware
  • Patch machines, encrypt laptops, and install alerts on new devices plugged into the network

The security landscape is constantly evolving, and it is imperative to have a solid security plan in place that accounts for this evolution. It should be a fluid document that is frequently reviewed, updated and that specifically outlines administrative, technical, and physical controls that mitigate evolving risks. It is also important to test the full plan on a regular basis to ensure all procedures can be executed successfully and verify that all regulatory requirements are met.

Managing Security Needs

 

Many community banks and credit unions find that managing the security needs of their organization can be a time-consuming and challenging task. To help augment the security responsibilities, these institutions are turning to financial industry-specific IT and security service providers to act as an extension of their organization, provide timely support, and help the financial institution successfully design and execute a comprehensive security strategy. The right solution provider couples security measures with an understanding of and support for the unique security and compliance demands of the financial industry.

At Safe Systems, we believe that proactively protecting customer data will always be more cost effective than falling victim to malicious activity. To that end, we have the unique expertise to ensure that financial institutions employ the right combination of both broad and specific security products to create an ecosystem of protection. Safe Systems helps secure an organization’s endpoints, devices, and users by assessing vulnerabilities, detecting unwanted network activity, safeguarding against data loss, and preventing known threats while staying ahead of developing ones.

04 Feb 2021
Does Your Financial Institution Have the Right Security Layers in Place to Combat Today’s Threats?

Does Your Financial Institution Have the Right Security Layers in Place to Combat Today’s Threats?

Does Your Financial Institution Have the Right Security Layers in Place to Combat Today’s Threats?

In 2020, 80 percent of firms experienced an increase in cyberattacks, and the pandemic was at the root of a 238-percent spike in attacks on banks, according to Fintech News. In a world of ever-increasing cyberattacks, does your bank or credit union have the appropriate security layers in place to effectively thwart these threats?

There are some proven, preemptive measures that financial institutions should take, including:

Effective Log Analysis

Logs record every activity and event that occurs on a network, providing valuable clues about potential performance, compliance, and security issues. But it can be challenging for an institution to analyze, manage, and tailor all the log data that it receives—which can exceed millions of lines in just a 24-hour period. Without sufficient data analysis tools, information technology (IT) professionals are severely limited. They have to depend on their own processing capabilities to manually analyze data, which can be a labor-intensive, mistake-prone task.

Effectively managing log analysis has become more problematic with shifts in the security landscape: the expansion of security features, increase in firewall complexity, rapid emergence of new security threats, and constant growth in endpoints. This creates a situation that no security team can effectively manage on its own without some level of automated log collection and analysis.

With this technology, firewall logs are sent to a device that deftly collects and interprets the data. Information is then displayed in a format that is more readable, searchable, and useful for security engineers. While this process can go a long way toward improving the gathering of raw data, institutions can do even more to enhance their log management by building in additional security layers through the automated threat identification.

Log analysis automation equips security professionals to more effectively receive alerts about current and possible threats. Many banks and credit unions have limited personnel and expertise available to analyze their vast amount of traffic logs manually. But automated log analysis allows institutions to maximize their resources by leveraging more advanced technologies, like artificial intelligence (AI), cloud-based computing, and big data to collect alerts more efficiently.

Improved Education and Continuous Improvement

Staff training and education are also an important aspect of solidifying an institution’s security posture, and institutions can employ a variety of tactics to ensure their employees are better able to interpret and respond to alerts. Bank tellers, loan officers, and administrative staff all benefit from informative seminars, brochures, and other learning opportunities. Information security operations personnel can improve simply by calling on experienced colleagues to share their expertise in a more informal exchange of information. These combined efforts can help institutions minimize the number of threats and manage their operations more efficiently on a daily basis.

Financial institutions must also commit to continuous improvement in regard to their firewall security. While enhancing log analysis is not an exact science, there is value in institutions asking targeted questions to help determine the need for specific enhancements to help ensure that the most actionable and best information is being presented to the individuals who need to review it.

Integrating Advanced Technologies

Additionally, banks and credit unions should leverage next-generation firewall (NGFW) features and other advanced technologies – like dynamic threat feeds – to optimize their security initiatives, helping ensure they allow “good” traffic in and keep “bad” traffic out while maintaining critical processes.

NGFWs also enable financial institutions to perform functions beyond that of a traditional firewall, including deeper inspections of transport layer security (TLS) and secure socket layer (SSL) encrypted traffic. The practice of “sandboxing” to physically or virtually segment a system, network, or entire environment creates a secure location to test and neutralize potential threats.

Learn more about how your institution can incorporate the right security layers to combat today’s threats by downloading our “Improving Security Posture Through Next-Generation Firewall Features” white paper.

10 Dec 2020
Bank of Wrightsville Enhances Security a Next-Gen Firewall Solution

Bank of Wrightsville Enhances Security a Next-Gen Firewall Solution

Bank of Wrightsville Enhances Security a Next-Gen Firewall Solution

A firewall is a key defense measure to combat cyber threats and having the right firewall solution can provide financial institutions with top-rate protection to meet regulatory requirements as well as useful security tools to identify, analyze, and thwart malicious activity. But does your current firewall security meet these expectations and prepare your institution to scale and reach its IT strategic goals?

Challenge

Leesa Anderson, Chief Technology Officer at Bank of Wrightsville, wanted to ensure her institution had the right tools in place to ensure network security, meet compliance requirements, and keep banking operations running smoothly. After an IT audit and third-party vulnerability assessment, it was recommended for the bank to update its firewall to include Secure Sockets Layer (SSL) inspection. However, at the time, this feature was not available on the bank’s current firewall solution. The bank knew it needed to find a new firewall product to improve the bank’s security posture and meet regulatory expectations.

“We needed to have SSL inspection set up on our firewall solution, but our provider at the time wasn’t offering this capability,” said Anderson. “We began looking for a solution that met all of the basic requirements for firewall protection but also included more of the next-gen features that could help us be more proactive and stay ahead of the curve with our perimeter security.”

Solution

After attending Safe Systems’ user conference, Anderson decided to take a closer look at Safe Systems’ Managed Perimeter Defense (MPD) next-gen firewall solution. The solution deploys powerful machine learning algorithms, SSL inspection capabilities, advanced reporting, and alerts to help financial institutions detect and combat malicious activity on the network. After careful consideration, Anderson selected and implemented MPD as the bank was looking to enhance its network security and needed new hardware as well.

Managed Perimeter Defense has provided many benefits to Anderson and her team. Read the full case study to learn how this next-gen firewall solution transformed Bank of Wrightsville’s firewall security and improved its compliance posture.