BANKING SECURITY - Outwitting the information robbers.
A The 2013 Trustwave Global Security Report 2013 Tru s twave Global Security Report revealed that in 2012 it took organisations approximately 210 days to detect a breach. When considering the harm that this could potentially cause, with criminals siphoning off information unbeknown to the victim company for seven months, it is imperative that businesses implement layered security. This includes controls and policies meant to not only help identify a breach immediately, but also help prevent attackers from getting access to a company's private data in the first place.
However, in today's corporate environment, where new technologies and trends such as social media, Bring Your Own Device (BYOD), mobile applications and big data are quickly becoming commonplace, threats are more complex than ever and combating those threats requires additional skills and resources that some businesses may not have.
Business leaders often purchase a security product based on its latest and g reatest feat ures. However, in many cases, once the product arrives, they realise that installing and understanding how the product works takes more time and is a bit more complex than they anticipated. These products then become ''shelfware'' - boxed and kept on a shelf.
For example, a financial institution may purchase a technology that would help identify and remediate suspicious activity. However, when the technology arrives, the in-house security staff learns that it is too complex to install and maintain, and the organisation may not have the time or resources manage it. So the product sits on the shelf and the company's threat detection issue remains unresolved.
In addition to the lack of manpower, business leaders and bankers are also realising they may not have the skills needed to combat threats stemming from the continuously evolving new technologies and communication platforms entering the workplace.
As the number and level of threats increase, businesses need to hire security experts that understand the mindsets of the attackers, experts that have the skills of a hacker and can not only break into networks and applications to identify vulnerabilities but also analyse those weaknesses, understand how threats are evolving and what types of solutions are needed to combat those threats.
How managed security services can help
Banks, and other businesses, can augment and streamline their security staff by partnering their in-house team with an outside security team to install, integrate, configure, tune, monitor and provide ongoing management and support, in an effort to improve their security posture against the latest evolving threats. It is important to note this does not mean firing, it means hiring. Instead of removing their inhouse IT staff, enterprises unite the in-house and outside security teams so that they work together to manage the company's security.
By augmenting their staff in this manner, businesses are not only adding manpower, but also adding experts who understand the latest threats and how to protect information from those threats. The outside team can steer the ship, making sure all of the people and parts are aligned and on board ready to overcome the rocky seas.
The information security industry needs to stop focusing on the failed model of promoting product features and instead focus on the overall value of the service. Managed security services decrease complexity, overall cost and adds critical security expertise that will help enterprises stay ahead of the criminals.
*Michael Aminzade is the director Compliance Delivery EMEA & APAC, Trustwave, a US-headquartered company which helps organisations fight cybercrime, protect data and reduce security risk.
SOLVING SECURITY PROBLEMS CRUCIAL FOR E-BANKING
Almost one third of users do not feel safe making e-payments on their smartphones or tablets. A B2B International survey shows that 33% of respondents would never use a mobile device for making online transactions, such as paying for goods in online stores. A slightly smaller, but still considerable, proportion of smartphone and tablet owners (28%) do not feel comfortable using their devices for online banking. And only 22% of tablet and 27% of smartphone users are unconcerned about entering financial information on their gadgets.
Android-based devices are used by 84% of smartphone owners and 74% of tablet owners. Android is the world's most popular mobile operating system and is most frequently attacked by cybercriminals. According to Kaspersky Lab, 99% of all existing mobile malware samples are developed for Android. In 2012, the company's experts found 35,000 malware samples for Android. In the first six months of 2013 that number soared to more than 47,000.
E-stores, e-payments and e-banking systems have made many financial tasks easier and the widespread use of smartphones and tablets makes online banking even more convenient. Fake Android apps for online banking operations, phishing attacks, and malicious attacks developed to intercept the data the user enters via the keyboard are some of the malicious tools that have often been used to attack the owners of Android-based devices. Some 13% of those surveyed reported they would not use Android for this reason. However, despite the growing number of threats for Android, users can safely make mobile payments by protecting their device with a reliable security solution.
Business leaders are realising they may not have the skills needed to combat threats stemming from the continuously evolving new technologies and communication platforms entering the workplace
Copyright IC Publications 2014 Provided by Syndigate.info , an Albawaba.com company