Written by Chris Wood, Australia and New Zealand Regional Director, Sourcefire
Chris Wood is the Australian and New Zealand regional director for Sourcefire. He has more than 15 years experience in the technology arena, with over ten years in enterprise security hardware and software.
Perhaps no industry has a greater need for network and data security than the financial services industry. Widely considered to be ‘critical infrastructure,’ not only are banking and financial market networks handling the life savings of individuals but the lifeblood of the global economy.
As such, these networks are increasingly under attack. The number and sophistication of malicious incidents against financial institutions has increased dramatically over the past five years and is expected to continue to grow. Account takeovers, third-party payment processor breaches, securities and market trading exploitation and mobile banking schemes are just a few of the recent and damaging cybercriminal exploits that abound today. Financial organisations need to protect critical infrastructure and sensitive data in an ever-changing environment targeted by increasingly sophisticated threats.
Security technologies that are agile and can deliver high performance and low latency are a sound investment for any financial services institution. So what should financial services firms look for to ensure a security technology can address these three areas?
The ability to respond to continuous change is essential for security technologies to remain relevant against the changing security demands financial services institutions face today. Traditional security tools were designed for stable, slow changing environments. They weren’t built to deal with changing conditions and new attacks. In order to be agile, modern security technologies must be able to do four things: see everything in the environment including assets and users on the network and attacks against them, learn by applying security intelligence to this data, adapt defenses automatically and act in real time for the fastest possible protection. Through a continuous process of see, learn, adapt and act, security technologies that are agile can deliver more effective protection for financial services firms because they have the ability to respond to continuous change.
Performance is critical to financial services networks. Security appliances that include specialised acceleration technology to speed flow and packet handling as well as multiple processors to expedite acquisition and classification of network traffic and application and control plane processing offer the massively parallel processing power to handle demanding throughput requirements. To be certain vendor claims of performance are reliable, consult third-party labs which regularly conduct tests of the latest IT security solutions and provide an efficient and neutral way to gain validation.
In the case of network security appliances, latency refers to the delay a device introduces to a network. Real-time financial services applications, such as high-frequency trading and transaction processing, are extremely sensitive to latency. Microseconds can translate into billions of dollars gained, or lost. One way to reduce latency is to consolidate security functionality on a single device. Multiple point solutions each with their own device introduce their own latency that soon compounds. However, simply consolidating security functionality on a single device can still introduce delay and increase latency if each security solution has its own engine. Instead, devices that offer a single-pass engine are designed for minimal latency. By sharing processing across multiple security applications (i.e., monitoring and assembling data packets for security processing and inspection) a single-pass engine affords efficient application of multiple security functions (access control, threat detection and inspection, behaviour analysis, host profiling, etc.) while maintaining high throughput performance.
When evaluating security technologies that include a single-pass engine and consolidated functionality, for example a Next-Generation Firewall with integrated intrusion prevention capabilities, make sure the technology includes next-generation capabilities through and through. Security technologies that sacrifice protection to achieve lower latency may expose the organisation to risk.
The financial services industry embodies the term “time equals money.” In a sector in which many of the products are commodities, customer experience, confidence, trust, productivity and protection are critical to success. Security technologies that leverage the latest advances in design and engineering to deliver agility, high performance and low latency without compromising protection can mean the difference between profits and problems.