Security Experts:

Three Security Considerations for Financial Services Firms

What Should Financial Services Firms Look for to Ensure a Security Technology Can Address Their Needs?

Perhaps no industry has a greater need for network and data security than the financial services industry. Widely considered to be ‘critical infrastructure,’ not only are banking and financial market networks handling the life savings of individuals, but the lifeblood of the global economy.

Evaluating Security TechnologyAs such, these networks are increasingly under attack. According to a statement by the FBI Cyber Division before the House Financial Services Committee, the number and sophistication of malicious incidents against financial institutions has increased dramatically over the past five years and is expected to continue to grow. Account takeovers, third-party payment processor breaches, securities and market trading exploitation and mobile banking schemes are just a few of the recent and damaging cybercriminal exploits the FBI identifies. Financial organizations need to protect critical infrastructure and sensitive data in an ever-changing environment targeted by increasingly sophisticated threats.

Security technologies that are agile and can deliver high performance and low latency are a sound investment for any financial services institution. So what should financial services firms look for to ensure a security technology can address these three areas?

Agility: The ability to respond to continuous change is essential for security technologies to remain relevant against the changing security demands financial services institutions face today. Traditional security tools were designed for stable, slow changing environments. They weren’t built to deal with changing conditions and new attacks. In order to be agile, modern security technologies must be able to do four things: see everything in the environment including assets and users on the network and attacks against them, learn by applying security intelligence to this data, adapt defenses automatically and act in real time for the fastest possible protection. Through a continuous process of see, learn, adapt and act, security technologies that are agile can deliver more effective protection for financial services firms because they have the ability to respond to continuous change.

High Performance: Performance is critical to financial services networks. Security appliances that include specialized acceleration technology to speed flow and packet handling as well as multiple processors to expedite acquisition and classification of network traffic and application and control plane processing offer the massively parallel processing power to handle demanding throughput requirements. To be certain vendor claims of performance are reliable, consult third-party labs which regularly conduct tests of the latest IT security solutions and provide an efficient and neutral way gain validation.

Low Latency: In the case of network security appliances, latency refers to the delay a device introduces to a network. Real-time financial services applications, such as high-frequency trading and transaction processing, are extremely sensitive to latency. Microseconds can translate into billions of dollars gained, or lost. One way to reduce latency is to consolidate security functionality on a single device. Multiple point solutions each with their own device introduce their own latency that soon compounds. However, simply consolidating security functionality on a single device can still introduce delay and increase latency if each security solution has its own engine. Instead, devices that offer a single-pass engine are designed for minimal latency. By sharing processing across multiple security applications (i.e., monitoring and assembling data packets for security processing and inspection) a single-pass engine affords efficient application of multiple security functions (access control, threat detection and inspection, behavior analysis, host profiling, etc.) while maintaining high throughput performance.

When evaluating security technologies that include a single-pass engine and consolidated functionality, for example a Next-Generation Firewall with integrated intrusion prevention capabilities, make sure the technology includes next-generation capabilities through and through. Security technologies that sacrifice protection to achieve lower latency may expose the organization to risk.

The financial services industry embodies the term “time equals money.” In a sector in which many of the products are commodities, customer experience, confidence, trust, productivity and protection are critical to success. Security technologies that leverage the latest advances in design and engineering to deliver agility, high performance and low latency without compromising protection can mean the difference between profits and problems.

Related Reading: Evaluating Web Application Firewalls

Related ReadingEffective Network Security Requires a Next-Generation Mindset

Subscribe to the SecurityWeek Email Briefing
view counter
Marc Solomon, Cisco's VP of Security Marketing, has over 15 years of experience defining and managing software and software-as-a-service platforms for IT Operations and Security. He was previously responsible for the product strategy, roadmap, and leadership of Fiberlink’s MaaS360 on-demand IT Operations software and managed security services. Prior to Fiberlink, Marc was Director of Product Management at McAfee, responsible for leading a $650M product portfolio. Before McAfee, Marc held various senior roles at Everdream (acquired by Dell), Deloitte Consulting and HP. Marc has a Bachelor's degree from the University of Maryland, and an MBA from Stanford University.