Traditionally, security has been the highest priority of financial institutions since the earliest days of banking, but the primary focus has always been on physical security. Boy, how times have changed. Today’s biggest security threats to financial institutions come from individuals and groups with computers, Internet connections and creative computer skills. Today’s cybercriminals are much more effective than the masked robber holding up a teller; they’re very good at finding and exploiting an organization’s weakness and often even better at being able to get in and out of a computer network before an organization even knows what hit them. It’s a cyber “stick-up” and it’s here to stay.
To become a cybercriminal, the bar and level of expertise needed is low. For unprepared and unprotected financial institutions, the cost is high. Malware toolkits are cheap and readily available to any aspiring or established cybercriminal, creating an increasing pool of global thieves looking for either direct or indirect profit. For financial institutions, it’s not just the big banks being targeted. Cybercriminals are targeting the weak points of today’s businesses -- 36 percent of all targeted attacks are now aimed at businesses with fewer than 250 employees. For today’s financial institutions, endpoints such as laptops, smartphones and tablets, offer multiple ways for their employees to be more productive. These endpoints also offer multiple points of vulnerability for cyber attacks. Adding to that are new platforms for technology, especially virtualization and cloud computing. These trends are new battle fronts in the war against cybercrime, but attacks on traditional endpoints – desktops, laptops and servers – are still where these criminals are focusing a large portion of their resources. Between traditional malware, advanced persistent threats and social engineering scams, today’s smaller financial institutions need to protect their endpoints as much as ever. Let’s look at three key points to help ensure strong endpoint protection:
It’s important to understand that it’s the information itself that needs protection, rather than devices. Information has become a new form of currency and financial institutions have a lot of it. In fact, a recent survey conducted by Symantec showed that SMBs, including financial institutions, consider their information to make up 40 percent of the organization’s value. Computers and servers can be replaced relatively simply. It’s far more costly to notify thousands of customers that their information was compromised and deal with the resulting loss of their trust and business, not to mention the financial penalties. Protecting this information is the priority, particularly in an industry as heavily regulated as finance. It’s vital to ensure that you have policies in place that establish where information can be placed, minimizing its exposure to risks. Having the most secure bank vault in the world will be of little use if piles of money are left on the counter, within easy reach of any passing criminal.
One size does not fit all. The type of endpoint security technology you choose should reflect several factors. Reducing costs and the time spent managing tools is an important consideration for both physical and virtual environments. Consider whether to opt for a solution that you manage yourself or that a third party manages, depending on your available IT manpower. You should also look for a solution that can not only protect against known threats, but proactively identify and block new threats. The right solution should also facilitate compliance with industry regulations and reduce legal liability. Once you’ve identified the right solution for you, be sure to deploy protection consistently on all machines, not just desktops and laptops but also on servers. This is particularly important because two-thirds of data breaches happen on servers, and they not only contain large amounts of sensitive files, but they also keep your business-critical apps running.
Having effective technologies and tools in place are important, however employee education and training plays a critical role in ensuring these technologies and tools truly effective. Employees must be regularly educated on the types of threats originating from email and Internet use, such as emails containing suspicious links or attached files. Cybercriminals are smart and quick to adjust their methods of attack. Some of the most effective attacks are low-tech, such as social engineering. Preying on our tendency to leave a significant amount of personal information publicly available online, cybercriminals can then create communications that are designed to reveal user login credentials and compromise business user accounts, giving them access to sensitive files such as financial information.
Regular training is important for employees so they exercise caution on the Internet, particularly when downloading files or visiting social networking websites while at work. It will also help them limit exposure to confidential information by being more careful where they store files on endpoints.
Small financial institutions play a vital role in today’s thriving global economies, and therefore can’t afford to be lax in their security. Endpoints are still a major target of cyber attacks, as well as providing additional risks from improper user behavior. An effective risk mitigation plan involves implementing the most up-to-date protection software, training employees on current threats and how to avoid them, and establishing policies on information protection. In conjunction with network-level security, endpoint protection can give companies confidence to do business in an unsafe world.
Andy Singer is the Director of Product Marketing for Symantec