The foundation of better security for FSI in Singapore

Sharat Sinha, vice president for Asia Pacific at Palo Alto Networks

Singapore has long been known as a prosperous financial centre of international standards, offering a broad range of financial services — including consumer banking, insurance and wealth management — not just to locals but also the wider Asia Pacific region.

From mobile to cloud computing, financial services organisations rely more than ever on innovative technologies to remain competitive. This focus is motivated more by long term profitability and business success than immediate operational priorities.

Due to the high level of sensitive data they handle, it goes without saying that financial services organisations tend to be targeted by cybercriminals more than any other industry, as with the case of recent data breaches against Standard Chartered's customer data through a third party vendor and phishing websites designed to steal PINs and One-Time-Passwords (OTPs) from POSB customers.

Surprisingly, there are still many financial institutions today which rely on outdated legacy systems to protect their most vital assets. Many of these legacy systems consist of stand-alone threat detection products, and are not architecturally designed to effectively coordinate across threat disciplines or deliver the advanced protection and performance needed in today's modern financial environments. The truth is that these systems are simply not equipped to deal with increasingly sophisticated attacks.

With this in mind, to minimise the risk of attack, financial companies need to take a closer look at the current state of their security, identify the most significant risks, and then make rapid improvements to modernise security infrastructure to lower their exposure.

But how do you balance the need to accelerate the adoption of new technologies with the simultaneous mandate for better, more comprehensive security? How do you move every aspect of your business online while thwarting constantly evolving cyberthreats and APTs?

As a starting point, visibility, control, less complexity, automation, and a next-generation platform must all be foundational components of your cybersecurity strategy. Other tips include:

1. Moving from passive detection to proactive prevention
Unfortunately, we find that, all too often, attackers are able to penetrate a targeted network as well as successfully establish a beachhead while remaining undetected for significant periods of time. During this time, they are able to inflict serious damage, which can lead to significant losses for the company. An effective response is to move beyond protective measures to add preventive strategies and early detection to the indicators of compromise. This includes identifying which applications can be authorised on the network to support business, safely enabling them, and blocking everything else, including known and unknown threats. By adopting a full visibility approach, which entails inspecting all suspicious traffic all the time regardless of end-point/device, user location, source and destination, businesses can be assured that nothing goes unnoticed on the network. By being able to inspect all suspicious traffic all the time, it is possible to rapidly stop more sophisticated threats such as APTs that might stay dormant on the network for months. 

1  2  3  Next Page