The recent spotlight on security incidences and breaches against businesses across all industries — including financial organizations — is undoubtedly unnerving for those who are responsible for keeping the businesses safe. For financial services, in addition to this year’s WannaCry ransomware attack, hackers have also used malware to bypass three international banks’ security systems to gain access to SWIFT terminals to initiate unauthorized money transfers. SWIFT is the financial messaging network that connects the world’s banks for settling transactions.
With the onslaught of attacks, is financial services IT ready to win the battle against the attacks? Or is security architecture the Achilles heel of the business?
In a recent global study on IT security infrastructure by Citrix and the Ponemon Institute, two thirds (66 percent) of respondents representing the financial services industry (which made up 16 percent of the 3,728 total number of respondents) think that their existing security solutions are outdated and inadequate, and a new IT security framework is needed to improve security posture and reduce risk. Sixty percent do not have a secure mobile strategy for BYOD.
Despite the fact that more than half (53 percent) will increase security budgets in 2017, the inadequacy of the existing architecture and solutions means that security in financial services has quite a journey to get to where it needs to be. IT teams need the right solutions to protect against the different risks.
But what risks should financial services IT guard against?
In addition to the ever-more sophisticated external attacks including ransomware and other malware, Trojans, distributed denial-of-service attacks, zero-day attacks, and insider threats, IT security also needs to consider the risks brought on by generational habits in employees. For example, baby boomers are more susceptible to social engineering and phishing scams, whereas millennials are more likely to use unapproved apps and devices in the workplace (Shadow IT). As high as 63 percent responded that their employees and contractors use third-party file sharing or productivity apps that are not sanctioned by IT.
To keep up with the dynamic threat landscape, Citrix can help financial services IT reduce security risk and ensure compliance through the following five security pillars:
- Supporting contextual access to apps and data with multi-factor authentication, identity and group-based authorization, context-based access control, and other features that strike the right balance between risk and simple access.
- Maintaining network security with centrally managed employee and customer portals for controlled access, advanced encryption, network segmentation, and features like rate limiting and load balancing that ensure high availability.
- Providing application security through features like centralized administration of apps, containerization of mobile apps, and protection against application-level attacks.
- Strengthening data security by centralizing protected information behind firewalls, creating secure containers for data on mobile devices, and promoting secure file sharing and collaboration.
- Enhancing analytics and insights that providing detailed information on user activities and network flows, and extensive data and tools for auditing and compliance.
With a strengthened IT security architecture, financial services IT can enhance customer service and empower employees without painting a “hack me” target on the back of the business. Financial services IT can then enable the business to thrive in a highly competitive landscape.
Follow me on Twitter
Learn more about Citrix Solutions for Financial Services
Follow Citrix Solutions for Financial Services & Insurance on Twitter.