By Martin Mackay, CRO at Versa Networks
Financial organisations continue to rapidly innovate their digital capabilities, in order to facilitate the growing customer demand for secure, fast, and accessible financial services. Whilst extensive cloud usage and increased digital interactions have helped businesses to accommodate such consumer needs, it has also created more concerning security risks.
We asked Martin Mackay, CRO at Versa Networks, about the biggest risks facing the financial sector today, and how security leaders can find an effective solution to these challenges without sacrificing their business performance and efficiency.
What are the biggest security risks facing financial organisations when they use digital platforms?
Over the past decade, financial firms have experienced a digital transformation revolution. If we look at the banking industry alone, its operations and service offerings have completely shifted to the cloud. Today there are several major banks that exist without a physical branch, because all their operations, services, and interactions are facilitated over the cloud.
To enable this mass-scale digital transformation, firms are having to utilise Internet of Things (IoT) technology, and extend their network connectivity to external endpoints, such as smart payment terminals, ATMs, point-of-sale (POS) devices and more.
While IoT has tremendously improved the outreach and accessibility of financial services, it has also rapidly expanded the external digital footprint of such firms. As all of these externally connected devices and systems are positioned outside of the internal network, they often remain unmonitored and unmanaged. This is where threat actors thrive. Attackers today can leverage automated tools to identify exposed devices connected to financial networks, exploit their vulnerabilities or weak policies, and laterally move into the main enterprise network.
The financial services industry has indeed levelled up its cybersecurity strategy in the past few years. Financial organisations are currently spending nearly 11% of their IT budgets on cybersecurity, which is significantly higher than other vulnerable industries such as healthcare and manufacturing. However, a lot of this progress has been focused on building internal network defences. What some firms might not realise is that a lot of the critical security risks today come from the external digital landscape.
These risks are continuously increasing as organisations are constantly extending their IoT and third-party connectivity. With so many endpoints and hyperconnected systems positioned outside of the core network, any small vulnerabilities such as unpatched devices and unmonitored traffic can lead to a crippling security breach.
How has the cyber threat landscape evolved with the introduction of 5G?
The evolution of new and advanced technologies has been a blessing for any business, especially in the financial services industry. Operational performance in terms of accessibility, efficiency, and functionality have improved due to the adoption of 5G and the new technologies it supports. However, to a larger extent, these new technologies have also made life a lot easier for threat actors.
Specifically, the rapid adoption of 5G has elevated the IoT risks for organisations. According to recent research, 79% of businesses across twelve industries think that 5G has created significant risks for their networks in terms of the number of externally connected devices, increased service access, and supply chain integrity.
The reliable and high-speed connectivity features of this next-gen technology are allowing firms to increase their IoT functionality and establish more seamless interconnection between smart devices and cloud systems. These benefits are also the Achilles’ heel of 5G, as attackers can exploit the real-time connectivity functions to compromise several interconnected assets in much less time. Using this extended attack surface, threat actors can carry out exploitation attacks such as DDoS (Distributed Denial of Service), remote code execution, SQL injection, and zero-day exploits more easily through a single external point of compromise.
Has the recent shift in workforce practices elevated these risks for financial firms?
It’s not just the new technologies, but also the prevalence of new ways of working that is changing the cyber threat landscape. Take remote working for example. Nearly 69% of Financial Services firms are allowing their staff to work remotely at least once a week. The number was less than 30% before COVID. This big shift in work culture means that a large part of an organisation’s workforce is constantly being positioned outside of the secure internal network.
They are often using their personal devices powered by unmonitored public or private broadband, to externally connect to the enterprise network and access critical assets. This again leads to an extended and unmonitored attack surface – where threat actors can exploit the vulnerabilities in the remote user endpoints, escalate access privileges, and carry out sophisticated attacks.
There has also been a massive change in how organisations store and access their critical resources. The succession of rapid cloud migration is allowing companies to shift network resources that were traditionally delivered in hardware to software. It means more and more data is no longer being stored centrally, which gives attackers more chances to intercept it.
How can financial companies secure themselves without sacrificing their performance and digital mobility?
With the adoption of these new technologies, new ways of working, and extended digital transformation, security risks will always be there. However, financial firms need to achieve greater insight of these risks and balance them out using the right security measures.
Secure Access Service Edge or SASE provides a compelling solution to these challenges. It is an effective framework for building your network architecture in a way that converges multiple network management and security functions into a single service that can be delivered entirely through the cloud.
SASE aims to converge security with network performance, so that critical tasks like traffic monitoring and access control can be performed more easily without impacting network speed. This unified method also eliminates the need for data to pass through several VNFs (virtual network functions), which improves connectivity and decreases latency.
Overall, SASE enables granular security control across the entire network infrastructure, while also driving business performance through optimised user experience. Integrating SASE solutions allow financial firms to manage all network and security functions through a single management console. This enables secure, scalable, and reliable enterprise networking; while also ensuring security, segmentation, and visibility across all interconnected assets within the IT estate. Armed with these scalable and advanced capabilities, financial firms can enhance their multi-cloud application performance securely, while significantly reducing network management and operational costs.
