Technology

Connecting the security dots with cyber fusion

Published

2 months ago

September 26, 2023

admin

Anuj Goel, Co-founder and CEO at Cyware

Against the backdrop of Russian-based hacktivists declaring war on Europe’s financial systems, the passing of the EU’s Digital Operational Resiliency Act (Dora) and the potential threats posed by the emergence of generative AI, the finance sector has a lot to contend with.

In today’s elevated threat environment, cybersecurity teams need to take proactive action fast. All too often, however, analysts are bombarded by a tsunami of alerts generated by countless security tools. According to recent estimates, today’s enterprises have on average 100+ discreet security tools, many of which do not play nicely together.

At the same time as attempting to make sense of all this noise, IT security teams and their risk counterparts often work in isolation and rarely share resources or intel. Consequently, both teams are on the lookout for external indicators of looming threats despite the fact that internal log data often contains clues to the next attack. Without the right tools to effectively process and analyse this vast sea of data, these clues stay undetected, only to be discovered forensically long after an attack occurs. But rather than simply adding more security tools into the mix, security professionals need a better way to examine the threat data generated by disparate security tools and deduce high confidence and actionable threat intelligence.

To improve their threat detection and response capabilities, banks need to adopt a cyber fusion strategy that makes it easier and faster to find indicators of potential compromise and collectively take informed defensive steps to prevent or mitigate an incident.

What is cyber fusion?

Initially developed by intelligence agencies to promote collaboration through intelligence sharing, the fusion centre concept is now gaining traction in the field of cybersecurity.

Unifying security functions such as threat intelligence, security automation, threat response, security orchestration and incident response into a single connected unit, cyber fusion offers a more proactive approach to dealing with potential threats by bridging the gap between multiple teams through intelligence synthesis and inter-team collaboration. It also enables the fusion of contextualised strategic, tactical and operational threat intelligence for rapid threat prediction, detection and incident response.

By initiating a cyber fusion centre (CFC), banks will be able to automate the ingestion of threat data from a variety of different sources including existing security tools, cloud apps, historic incident intelligence and other data sources, including external threat intelligence providers and regulatory advisories. This can be done in a way that allows security teams to contextualise insights into malicious activities and meaningfully orchestrate cybersecurity operations across the network.

Leveraging AI and machine learning to enable faster actioning and analysis of threat intelligence, a CFC delivers complete visibility of security risks, threats, security controls and exceptions across cloud-based or on-premises infrastructures. It also enables banks to automate incident response and respond to threats in real time or proactively.

Finally, and most importantly, it also boosts inter-team collaboration by automatically notifying the right stakeholders of relevant threat intelligence and changing scenarios in real-time via a shared platform that supports a truly holistic and joined-up response.

Enabling a unified security posture

Bringing together technologies, teams and processes under one roof, a CFC enables security teams to orchestrate and automate security workflows in an integrated and highly collaborative manner.

Providing insights on all kinds of threats including malware, vulnerabilities, threat actors and previous incidents, cyber fusion supports the rapid dissemination of intelligence among all security teams to enable high-fidelity security decision-making at a technical, tactical, operational and strategic level. The exchange of situational intelligence at a cross-sectoral level empowers security teams to co-develop threat mitigation strategies. It also enables teams to leverage shared actionable intelligence to automate responses – such as blocking malicious IPs in firewalls or updating SIEM data – with no need for manual intervention.

But that’s not the only benefit. To further reduce security vulnerability risks, banks can use their CFC platform to automatically feed relevant data into their other security tools (EDR, firewalls, IDS/IPS, SIEM, SOAR). Using automated cross-functional workflows to drive security actions significantly reduces the mean time to detect (MTTD) and mean time to respond (MTTR).

Connecting the dots for enhanced resilience

With a cyber fusion centre in play, banks can enable security teams to ingest, enrich, correlate and manage threat data into a single source of truth and turn that data into contextualised, noise-free and actionable threat intelligence. This can also then be shared in real time to identify and respond to threats faster.

Enabling 360-degree threat visibility is just the start. Alongside promoting collaboration between teams by sharing real time threat alerts that support a collective defence approach, a CFC enables security operations teams to automate incident responses and initiate an end-to-end threat response process that keeps pace with the evolving threat landscape. By adding cyber fusion capabilities to their existing security operations centre (SOC), banks will be better equipped to connect the dots and respond to the prevailing threat landscape in real time.

Up Next

Where is the value in generative AI for financial services?

Don't Miss

Investing In Bitcoin: What You Need To Understand Before You Buy

Finance

In 2024, payments will evolve to broaden accessibility

Published

2 days ago

December 1, 2023

admin

Attributed to Roy Aston, COO at Paysafe.

As we look to 2024 and beyond, businesses will need to adapt experiences to changing consumer needs and demands, working with payments providers to increase accessibility, offer broader choice, and more.

We break down some the forces driving evolution in payments over the coming years.

Payments need to be available to everyone, everywhere

Regardless of their location or situation, consumers do not want to wait when it comes to payments. The proliferation of smart devices has given users access to everything, all at once, and this is also expected when making transactions.

In 2024, banks and financial institutions will continue to push ahead with this journey to offer smooth, secure payments to everyone, everywhere, delivering services at the lowest possible barrier to entry. This also means ensuring consumers, even those that are unbanked or underbanked, have access to remittances and cross-border payments.

The first step in achieving this goal will be to improve reliability, security and availability, which may see traditional payment methods like debit and credit cards – still the most popular payment methods – become less dominant, while alternative payment methods (APM) like eCash and digital wallets will grow.

This is because, with the right payment provider, merchants can ensure these APMs are available anywhere in the world – eCash, for example, does not require a bank account to use. In addition, digital wallets and online cash can offer swift, secure transactions, helping users overcome security issues by not requiring them to enter their financial details.

Financial companies will embrace collaboration in 2024

While businesses can address consumer payment concerns using APMs, they must also look to bolster their own defences as the threat landscape changes. Increasingly advanced technology, like AI models, are now accessible to far more people, including threat actors.

To combat this escalating threat, it’ll be no surprise to see more financial companies collaborate in 2024 as they seek to improve cyber risk mitigation. This makes perfect sense – and would be a positive step for the industry – though it is easier said than done.

Businesses must share data legally, while aimed toward a positive purpose, rather than for pure profit. For example, if a financial organisation gains intelligence on a cyber group, they could share this with other companies to protect against bad money movement.

Ideally, collaboration could help improve anti-fraud, anti-money laundering, and cyber security measures, and more broadly reduce risk for businesses and consumers alike. But first, thinking around data governance may need to change.

Existing trends will evolve

While exciting new trends will emerge in 2024, we’ll also see the evolution of some that have yet to reach their full potential.

Embedded payments, for example, will continue to develop, with more businesses bringing together financial products with features like loyalty schemes to offer more added value to consumers.

Decentralised finance, too, should continue to build momentum in 2024. While decentralised finance, and specifically NFTs, have faced challenges this past year, it will be no surprise to see companies get to grips with changing regulatory requirements and continue to build in this area.

Open banking could also see a big 2024, with more APIs becoming available, and companies starting to develop new solutions to enhance customer experience and reduce friction in the payment ecosystem.

And while evolution rather than revolution is a necessity in technology, it’s always exciting to look ahead to the big trends that could shape the future – perhaps not in the year ahead, but beyond.

The future is quantum

Quantum computing is a trend that is as exciting as it is potentially frightening. Able to perform computations that are exponentially faster than ever before, quantum computing represents a new frontier and it will be thrilling to see how it is used in the years ahead.

Combined with AI, for example, quantum computing could optimise processes at a speed and scale never seen before – with serious benefits passed onto consumers.

In the nearer term, however, ensuring payments are available and accessible for everyone must remain the focus in 2024.

Technology

How to protect your business from the rise of sophisticated cyberattacks

Published

2 days ago

December 1, 2023

admin

Suhaib Zaheer SVP, Managed Hosting at Digital Ocean & GM, Cloudways 

In an age where technology drives business operations, the threat of sophisticated cyberattacks looms over organisations of all sizes. From stealthy ransomware attacks to intricately orchestrated phishing schemes, the arsenal of online adversaries is expanding. Cyberattacks were listed as one of the biggest threats to the UK in the 2023 risk register. Added to this, 97 people per hour fall victim to cyberattacks. The threat of a cyberattack not only jeopardises businesses and their valued employees but also poses a significant risk to their customers. A breach of security has the power to decimate an organisation’s hard-earned reputation and impose severe financial distress.

Today, safeguarding your business against the rising tide of sophisticated cyber threats is no longer a choice. This article explores actionable ways to fortify your business’s defences, empowering you to navigate threats with resilience.

Navigating the cybersecurity landscape

Over the past few of years, the widespread adoption of remote work practices surged, consequently exposing businesses, particularly SMBs to elevated cybersecurity risks.

Suhaib Zaheer

Before remote work, businesses could dictate strict rules governing the access points for critical documents. Company computers were tethered to office desks, seamlessly connected to in-house servers. The primary concern for management teams was fortifying the office server and upholding computer security.

Fast forward to today, and the workforce is no longer confined to office walls but spans cities, and even countries. This shift brings a twofold challenge—exposing vulnerabilities in servers and individual computers. Added to this, the intricacies of data protection laws differ in each country. Companies must equip teams with secure technology that provides enterprise-grade security to protect against hackers and sophisticated threats.

The challenge lies in not only supporting dispersed workforces but doing so without compromising the sanctity of sensitive information in a world where data security must align with international legal intricacies.

Fortifying small businesses

Small business owners find themselves particularly susceptible to security and privacy threats due to their limited resources, which often translates into inadequate cybersecurity measures compared to their larger counterparts. Even if resources are limited, business owners can safeguard against security pitfalls by implementing well-defined security procedures in collaboration with their employees – making it everybody’s responsibility.

Building customer trust hinges on the assurance that their information is secure when interacting with a company’s website. Recognising the pivotal role of customer trust in the sales process underscores the critical need for businesses to make cybersecurity a top priority.

Prepare for future threats

Outdated technology remains a vulnerability for businesses, as the repetitive and resource-intensive nature of updating website security opens avenues for human error. Solutions capable of automatically detecting updates, executing secure backups, and enhancing security procedures alleviate this burden, eliminating the need for manual maintenance.

AI is capable of handling laborious tasks as it analyses data for anomalies, swiftly detecting and flagging abnormalities for cybersecurity teams to address. AI-powered solutions also automate time-consuming processes, securely updating websites and backing up data, enhancing overall efficiency.

Critical features for website resilience also include the ability to manage traffic surges seamlessly. Optimising bandwidth capacity minimises friction during peak periods, ensuring responsive handling of heavy traffic loads. Crucially, automated technology that adjusts bandwidth capacity during traffic surges prevents system failures and unauthorised access.

Additionally, businesses can safeguard against security pitfalls by implementing well-defined emergency procedures in collaboration with their employees. The urgency instilled in employees when they receive seemingly urgent demands from their employers creates a vulnerable juncture that cyberattackers exploit, seizing the opportunity to pilfer information and gain access to sensitive data.

Furthermore, business owners must invest in robust security measures, implement secure payment gateways, and educate users on mobile security practices to build trust and safeguard information. Staying abreast of the evolving security landscape and adapting cybersecurity strategies to meet changing customer expectations are crucial for business success.

As we move towards a new year, it is clear that businesses need to ensure that security is a top priority. Cybercriminals will continue to use new technologies to launch ever more effective and creative cyberattacks, so businesses need to ensure that they are working to protect their data with a similar level of ferocity. This will be a key aspect of supporting business growth and success in the future.