If there’s one industry we should be most concerned about when it comes to cyber criminals and security, it’s the one that looks after our money.
“The financial services industry is under continual threat from cyber crooks, and the methods they use to try and infiltrate bank security systems are becoming more sophisticated every day,” states Bryan Hamman, Arbor Network’s territory manager for sub-Saharan Africa.
(TOP: Bryan Hamman, Arbor Network’s territory manager for sub-Saharan Africa).
“Fraud and the interception of online transactions statistics are exhausting, with a recent report by Juniper Research saying that by 2020, the value of fraudulent online transactions globally will be close to the equivalent of $25.6 billion, which is double what we’re seeing now.”
The good news is that this threat can be averted, and the theft avoided, says Hamman.
Arbor Networks cites a recent implementation at a multi-national banking group, which began with a frustrated security operations team that was looking for easy, fast network visibility on connections, end-to-end. The organisation’s security information and event management (SIEM) systems weren’t user friendly, detection and queries were taking too long, and it was missing many banking specific Trojans and malicious activity across the networks.
What this bank needed was a single advanced threat visibility and investigation platform that would:
1. Provide end-to-end connection visibility;
2. Detect and investigate irregular or malicious activity;
3. Support a high performance traffic archive;
4. Accelerate user-to-conversation workflows; and
5. Provide context-driven investigation.
“The solution they ultimately decided on addressed all five proof points, and local banks are well advised to also look at these as part of their cyber security strategies,” explains Hamman.
Banks need to consider platform solutions that provide real-time flow and packet analysis for connections – end-to-end, he reiterates. “These solutions should be designed with the user in mind, allowing them to easily zoom/pivot on visual representations of new indicators and to automatically correlate network activity.”
He says built-in investigation workflows and an exceptional threat level analysis system with informed analytics will provide visibility into both past and present network activity. In addition, there are modules available that will automatically aggregate related indicators, host profiles and network connections into a single view of an advanced threat.
“South Africa had the most cyber-attacks across Africa in 2014, with losses estimated at around R50 billion,” adds Hamman. “In a world like this, consumers want their bank’s security teams to be able to detect and connect global attack indicators to events in their own network.
“In fact, global threat indicators should be connected to the organisation’s internal traffic systems with the most relevant and dangerous threats being identified early.”
In an economy where every cent counts, and in a world where consumers are becoming more savvy to online risks, they will want their banks to be able to mitigate these risks to their hard-earned cash.
“Enhancing cyber security and protecting information is vital to the continent’s economic well-being, and banks are fast realising the critical role their security infrastructure – or lack thereof – plays in securing this,” Hamman concludes.
Arbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business.