10:27 AM
Andy Singer, Symantec
Commentary

The Cyber Stick-Up – Making Sure Your Endpoints are Protected

Traditionally, security has been the highest priority of financial institutions since the earliest days of banking, but the primary focus has always been on physical security. Boy, how times have changed. Today’s biggest security threats to financial institutions come from individuals and groups with computers, Internet connections and creative computer skills. Today’s cybercriminals are much more effective than the masked robber holding up a teller; they’re very good at finding and exploiting an organization’s weakness and often even better at being able to get in and out of a computer network before an organization even knows what hit them. It’s a cyber “stick-up” and it’s here to stay.

The bar to becoming a cybercriminal is low, and little expertise is needed. For unprepared and unprotected financial institutions, the cost is high. Malware toolkits are cheap and readily available to any aspiring or established cybercriminal, creating an increasing pool of global thieves looking for either direct or indirect profit. For financial institutions, it’s not just the big banks being targeted. Cybercriminals are targeting the weak points of today’s businesses: 36 percent of all targeted attacks are now aimed at businesses with fewer than 250 employees.

For today’s financial institutions, endpoints such as laptops, smartphones and tablets offer multiple ways for employees to be more productive. These endpoints also offer multiple points of vulnerability for cyber attacks. Adding to that are new technology platforms, especially virtualization and cloud computing. These trends are new battle fronts in the war against cybercrime, but attacks on traditional endpoints (desktops, laptops and servers) are still where these criminals are focusing a large portion of their resources. Between traditional malware, advanced persistent threats and social engineering scams, today’s smaller financial institutions need to protect their endpoints as much as ever. Let’s look at three key points to help ensure strong endpoint protection:

Information Protection

It’s important to understand that it’s the information itself that needs protection, rather than devices. Information has become a new form of currency and financial institutions have a lot of it. In fact, a recent survey conducted by Symantec showed that SMBs, including financial institutions, consider their information to make up 40 percent of the organization’s value. Computers and servers can be replaced relatively simply. It’s far more costly to notify thousands of customers that their information was compromised and deal with the resulting loss of their trust and business, not to mention the financial penalties. Protecting this information is the priority, particularly in an industry as heavily regulated as finance. It’s vital to ensure that you have policies in place that establish where information can be placed, minimizing its exposure to risks. Having the most secure bank vault in the world will be of little use if piles of money are left on the counter, within easy reach of any passing criminal.

Effective Technology

One size does not fit all. The type of endpoint security technology you choose should reflect several factors. Reducing costs and the time spent managing tools is an important consideration for both physical and virtual environments. Consider whether to opt for a solution that you manage yourself or that a third party manages, depending on your available IT manpower. You should also look for a solution that can not only protect against known threats, but proactively identify and block new threats. The right solution should also facilitate compliance with industry regulations and reduce legal liability. Once you’ve identified the right solution for you, be sure to deploy protection consistently on all machines, not just desktops and laptops but also on servers. This is particularly important because two-thirds of data breaches happen on servers, and they not only contain large amounts of sensitive files, but they also keep your business-critical apps running.

User Awareness

Having effective technologies and tools in place is important, but employee education and training play a critical role in ensuring these technologies and tools are truly effective. Employees must be regularly educated on the types of threats originating from email and Internet use, such as emails containing suspicious links or attached files. Cybercriminals are smart and quick to adjust their methods of attack. Some of the most effective attacks are low-tech, such as social engineering. Preying on our tendency to leave a significant amount of personal information publicly available online, cybercriminals can create communications designed to get users to reveal their login credentials and so compromise business user accounts, giving the attackers access to sensitive files such as financial information.

Regular training is important for employees so they exercise caution on the Internet, particularly when downloading files or visiting social networking websites while at work. It will also help them limit exposure to confidential information by being more careful where they store files on endpoints.

Small financial institutions play a vital role in today’s thriving global economies, and therefore can’t afford to be lax in their security. Endpoints are still a major target of cyber attacks, and they carry additional risk from improper user behavior. An effective risk mitigation plan involves implementing the most up-to-date protection software, training employees on current threats and how to avoid them, and establishing policies on information protection. In conjunction with network-level security, endpoint protection can give companies confidence to do business in an unsafe world.

Andy Singer is the Director of Product Marketing for Symantec.

Comments
Byurcan,
User Rank: Author
3/22/2013 | 3:16:44 PM
re: The Cyber Stick-Up – Making Sure Your Endpoints are Protected
Very insightful to remind us that ultimately it's not the device that matters, but the precious information contained therewith. Continuing education for end users is the key, as many people don't take the proper security care of their devices that they should.