It’s a digital world, and business is changing at a faster pace than ever before. When people are connected to devices and machines and vital information is made more accessible, nearly every industry around the globe is impacted. We sat down with James Mobley, Cisco Vice President of Security, Collaboration, and IoT Services at Cisco to discuss the current financial climate.
Overview of the market
The financial services world is a state of constant evolution, an undisputed fact. In particular, the emergence of artificial intelligence and machine learning, among other new technologies, are catalysts for significant disruption.
“Many of the processes that have historically required manual intervention are now being driven by technologies with embedded orchestration and automation capability.”
As a result, institutions now have the ability to gather unprecedented volumes of data and connect the previously isolated processes. This new era of connectivity ushers in substantial growth and opportunity, but not without introducing new risk and complexity into the equation. According to Mobley, security plays a significant role on both sides of the equation.
“When companies can innovate in a fast and trusted manner, they are best positioned to compete and survive in a climate of digital disruption.”
Securing financial services
Financial services firms have the challenging task of securing extremely sensitive data in an environment in which customers trust (and regulatory compliance) are on the line.
If a breach does occur, consequences include a loss of customer trust, brand value, assets, productivity, regulatory fines, litigation, and remediation costs.
“Attackers are becoming much more sophisticated than they have been in the past. They are well-funded and are motivated by money, which makes the financial services industry a prime target.”
With a target on their backs, financial institutions’ technologies and services must be deployed in a preemptive and disciplined manner. The stakes are much higher and require a lot more diligence and urgency around protecting assets.
As the financial services industry (FSI) becomes much more distributed and much more mobile, the attack surface has broadened significantly.
How do you segment an environment so that once someone does get in, potential losses can be minimized? Traditional networks are like a castle - big, strong walls on the outside, but little structural security once you pass through the gates, which can mean major issues for institutions with a significant breach. Segmentation and continuous monitoring of the environment is key. The faster you can detect a breach, the faster you can mitigate the risk. Network segmentation provides a number of key benefits for financial institutions:
- Improved security through software-defined access
- Better control of access to resources and sensitive data
- Improved performance with minimized local traffic
- Better containment of issues and outages
How has the role of security evolved? How have priorities shifted?
“Protection has historically been the priority. The focus has now shifted to fast detection and response.”
Today, the focus has shifted from the front end of the curve to the back end. In the past, it was about the network and protecting the perimeter. Now with customers, partners, and vendors as part of a massive integrated ecosystem, there is no longer a true perimeter. Now the focus turns to the inside of the network, focusing on detection and response. Priorities are shifting to the technologies and services that enable detection and response: analytics, big data, and machine learning. Given the volume of information coming in, quick detection and response is imperative.
How is Cisco Active Threat Analytics (ATA) helping mitigate time to detect and respond?
“On average across the industry, the time to detection is numbered in weeks. And, in many cases there can be attackers within a network that are not detected for months. It is critical to be able to identify anomalies. With Active Threat Analytics, Cisco has been very successful getting time to detection down from months to hours.”
Incorporating analytics and machine learning into products is critical to the FSI, as analytics can improve detection, response, and remediation time. Being able to quickly identify threats and resolve breaches is a Cisco priority.
What makes Cisco unique?
“Our architectural approach to security, which is a combination of industry-leading products, services, and threat intelligence (Cisco TALOS), helps our customers reduce complexity, drive operational resilience, and increase the overall efficacy of their security technologies. In fact, many of Cisco’s best-of-breed security products are made even stronger through our architectural approach.”
At Cisco, we talk about the “effectiveness gap,” which references the challenges associated with an increasing number of isolated security technologies. Most of our customers do not have the resources or people to manage all the different security technologies deployed. With an architectural approach, they are able to integrate and streamline technologies and reduce complexity. And as your security increases in breadth, coverage, and depth, everything works seamlessly in unison.