Cisco India Blog

Attack versus defense in Banking

May 17, 2018

Every organization including banks, have valuable data and information that needs to be protected from adversaries who want to get their hands on it. The struggle between these relentless attackers and the tireless defenders is not always evenly balanced.

As technology evolves, attackers are getting more sophisticated and have unlimited resources and unlimited ways to attack. The defenders, on the other hand, have limited time and resources and need to have complete visibility of their infrastructure and data to foresee and prevent possible attack and damage thereafter. As criminals tend to be much more agile than their targets, security is becoming more than a key concern for organizations across the board.

The threat landscape:

According to the 2018 Cisco Cyber security report, malware is becoming more vicious and it is becoming harder to combat. Organizations now face everything from network-based ransomware worms to devastating wiper malware. At the same time, adversaries are getting more adept at creating malware that can evade traditional sand boxing. Add to that, 50 percent of global web traffic was encrypted as of October 2017. While encryption is meant to enhance security, it also provides malicious actors with a powerful tool to conceal command-and-control activity. Those actors then have more time to inflict damage. Encryption also reduces visibility. More enterprises are therefore turning to machine learning and artificial intelligence to spot unusual patterns in large volumes of encrypted web traffic and investigate further.

According to one Cisco study, 42 percent of the organizations experienced this type of DDoS attack in 2017. In most cases, the recurring bursts lasted only a few minutes. In most of the malicious domains analyzed, about 60 percent, were associated with spam campaigns.  As per the study, Thirty-one percent of security professionals said their organizations have already experienced cyber-attacks on OT infrastructure. And nearly half of the security risk that organizations face stems from having multiple security vendors and products.

How to enable secure Banking:

Given the above, there is a huge incentive for financial services companies including banks, to change the equation of secure banking, as cyber security done well can become a key driver for business. In just three years, an estimated 50 billion new devices will be connected presenting banks with a significant opportunity to serve customers better, if they can seize this digital revolution with a holistic approach to cyber security.

The goal for business should be to see threat once and block it everywhere so they can capture opportunities ahead with the confidence that they are secure. Using integrated security solutions from providers like Cisco for example, can help access latest threat intelligence information and help banks stop more threats, respond faster and use automation to bolster the effectiveness of their security posture.

Cisco can help banks develop an effective security posture by reducing the time to detect and respond to advanced attacks. The threat landscape and Cisco’s Talos threat intelligence will enable to how uncover vulnerabilities and cyber attacks and In-built protection into Cisco security products in real time helps to ensure that banks are protected.

At Cisco, there is a network of talented teams who are devoted to creating the most effective products and the best possible outcomes for our customers for Advanced Malware Protection (AMP) for Endpoints, Cloud lock, Cognitive Threat Analytics, the Product Security Incident Response Team (PSIRT), Security Incident Response Services, Threat Grid, and Umbrella.

End to end protection

The security posture of financial enterprises and their perceptions of how well they can defend against attacks can be effectively changed by using integrated security solutions. Security is the most common benefit of hosting networks in the cloud (on-premises and public cloud infrastructure), security personnel respondents say. Given the above, working together with vendors and solutions providers that help design, implement solutions by interpreting security threats can pave the way to secure banking in a world of growing attacks.

Leave a comment