Following the acquisition of networking security solutions provider Sourcefire by the networking giant Cisco, Computerworld Malaysia asked Sourcefire APAC field product manager Amitpal Singh Dhillon on what information security heads in the region's financial services sector should be focusing on.
Photo - Amitpal Singh Dhillon, Field Product Manager APAC, Sourcefire, now part of Cisco.
Firstly, what's your take on the security issues faced by chief security officers of financial services organisations in Asia and how should they deal with these challenges? Also, how has Sourcefire helped CSOs to face security issues in Malaysia and other Asian markets?
Chief Information Security Officers [CISOs] have more tasks than ever and sophisticated, complex threats to manage. This includes managing compliance, trusting the cloud, trusting vendors and bouncing back from security breaches.
More recently, some large scale attacks across banks in Asia-Pacific were used to conceal other nefarious activity, such as wire fraud before, during, or after a campaign. These attacks can overwhelm bank personnel, prevent transfer notifications to customers, and prevent customers from reporting fraud. And by the time an institution recovers from such an event, it is unable to recoup its financial losses. Sourcefire is transforming the way that financial services organisations are securing their data and assets and also managing and minimising network security risks with its intelligent cyber security solutions.
Retail and investment banks have deployed the Next-Generation IPS (NGIPS) from Sourcefire to provide automated protection for key data networks. Several stock exchanges, trading and investment houses and insurance companies rely on the real-time protection provided by our NGIPS to ensure that they operate effectively and securely to remain efficient and competitive for their clients and partners.
Here is another example of how the solutions work Better Together for a large global financial institution.
Before the attack, FireAMP and the IPS solution provided continuous monitoring, context and visibility into what was happening across the financial institutions' network. During the attack, FireAMP was instrumental in analyzing, blocking and detecting the malicious files to quickly remediate the attack. After the attack, FireAMP's retrospective remediation capabilities allowed the company to go back and mark the files for quarantine, pull malicious files off any remaining systems and prevent recurring infections.
What sort of steps do you take potential customers through to ensure they achieve the best returns on investing in your services and solutions?
Every financial organisation needs best-in-class security systems that monitor and enforce to protect its reputation, meet compliance and improve security. Key considerations should include a greater understanding of how to:
- Identify vulnerabilities, track remediation and reduce risk
- Produce reports to help meet financial services IT compliance requirements and ensure that protection is up to date and automatically applied
- Employ real-time monitoring of users and resources to reduce time spent
- Reduce time spent resolving network exposures continuously and proactively monitor all fixed network access points to detect breaches of policy that could lead to data loss
- Identify and control web-based facilities such as Hotmail and instant messaging to plug holes within corporate defences
- Share information between departments to enhance real- time proactive monitoring.