Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Security Journal Authors: Mehdi Daoudi, John Walsh, Liz McMillan, Elizabeth White, Pat Romanski

Related Topics: Cloud Computing, Security Journal

Blog Feed Post

Become So Hard to Hack, It’s Not Worth the Trouble | @CloudExpo #Cloud

Cyber security, resiliency, accountability of IT systems at financial services organizations is rarely out of national headlines

For Financial Services Firms - The Trick Is to Become So Hard to Hack, It's Not Worth the Trouble
By Louise Bulman

The cyber security, resiliency and accountability of IT systems at financial services organizations is rarely out of national headlines.  Firms that operate in the financial space hold extremely sensitive data, so therefore attackers usually consider the effort and risk of attacking them worth the potential reward.

Fortunately, financial services organizations are making increasing investments in order to make the effort (and financial outlay) required to attack them so high as to make them an impractical target.  This recent article in the Financial Times mentions some of the interesting steps that organizations are taking in order to drive up the operational costs of would-be attackers, as well as some of the figures involved in the investment in cyber security by banks and other financial sector businesses.

Financial Services

These developments are likely to result in a future where all information held by an organization would be so costly and time consuming to steal, doing so becomes an almost impossible task.  Of course, the most effective way to do this is to encrypt by default.

In the past, organizations only encrypted for protection what they were forced to protect by compliance requirements.  However, advances in encryption technology mean that it is now faster and easier to secure more data with encryption than ever before.  As such, any business handling sensitive payment and financial data can put an increasing amount of encryption, granular access controls and data access monitoring in place.  It is this combination of technologies that reduces the attack surface available by limiting who, what, when, where and how data can be accessed, and keeps a careful eye on those with a legitimate need to access it by monitoring their data access patterns for behaviour that may indicate an attack in progress.

Really, this is all about making potential attackers ask if your organization is more trouble than it is worth.  If it is, you’re moving in the right direction.

The post For Financial Services firms – The trick is to become so hard to hack, it’s not worth the trouble appeared first on Data Security Blog | Vormetric.

Read the original blog entry...

More Stories By Vormetric Blog

Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, big data and cloud environments. Data is the new currency and Vormetric helps over 1400 customers, including 17 of the Fortune 30 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters — their sensitive data — from both internal and external threats. The company’s scalable Vormetric Data Security Platform protects any file, any database and any application’s data —anywhere it resides — with a high performance, market-leading data security platform that incorporates application transparent encryption, privileged user access controls, automation and security intelligence.