He says there are numerous ways of ‘kicking out’ the hackers, while Van Someren says that most forward-thinking banks are now considering honeypots and dummy data sources.
Jitender Arora, another CISO in the financial services sector, agrees that response is now pivotal.
“Organizations are now looking at improving their detection and response capability to ensure they have a better chance of detecting early and responding effectively to contain the damage.”
Cloud concerns remain
Barclays is, of course, not the only bank trialing new security measures. In recent months, Citibank, UBS and others have experimented with Bitcoin, Halifax has been trialing heartbeat authentication and Credit Agricole has tested Blockchain. Citi Ventures has been investing significant money in security start-ups including Pindrop, vArmour and Illusive.
There is significantly less interest in security in the cloud, however. Jolley says that vendor moves, the collapse of Safe Harbor and the incoming EU General Data Protection legislation, have put banks off.
Nik Whitfield, CEO of UK cybersecurity start-up Panaseer - which works with investment banks, agrees: “If you ask [CISOs] ‘would you put security in the cloud?’ they would say no way. Certainly, we don’t see any of the big guys moving security data wholesale into something like AWS.”
Arora disputes the view that banks are innovating at all: “Most organizations are quite static when it comes to their standard business services and technology stack,” he says.
“Imagine an organization with 20,000+ servers, 1,000+ applications, 100,000+ end points and variety of technology flavors; it’s a complex landscape which makes it expensive and difficult to make drastic changes.”
Instead, some suggest that banks continue to face age-old problems, such as compliance and data storage, in the face of the mass collection of data.
Whitfield says there is now too much data for CISOs to derive any insight, with SOC teams also overrun with threat intelligence alerts.
“They realize they’ve only got very limited visibility of what is going on,” says Whitfield, adding that new technology solutions are often siloed and thus don’t talk to each other. Other experts say threat intelligence sharing issues remain.
“A CISO wants to get a broad picture of what is happening…but it’s simply not possible at the moment.”