I spent this week in Tokyo Japan meeting with a few dozen financial services organizations. The primary purpose of my visit was to work with a few folks from the local McAfee team, pictured here, to discuss threats and trends within the financial services industry.
Financial institutions are diverse with multiple business models such as: private banks, investment services including asset and hedge fund management, stock brokerages, insurance, and conglomerates. These organizations are highly competitive because differentiators between financial services organizations are often opaque. They are extremely dependent on their IT assets operating as designed and even small issues over a limited amount of time can cost millions. And in a business where keeping sensitive, private data safe is paramount, the volume, velocity and variety of data passing through their mission-critical assets can be staggering and can require substantial capital and operational expenditures to protect. As such, there are four key areas they are focusing: cost reduction, data protection, agility, and compliance.
Within security, total cost of ownership reduction has historically been associated with risk avoidance and stopping “bad things” from happening. However, with an optimized security model the cost savings are no longer in the realm of subjective guesswork.
It used to be that every issue had a dedicated technical solution. Each solution required an agent. That agent needed a console, and that console needed a server. There was probably also a database, the need to have support staff, rack space, power, connectivity, etc. All of a sudden, a point security solution becomes much more expensive than the cost of the product. By reducing the footprint, minimizing agents, consoles, servers, maintenance, licenses, IT support, contract negotiations, and the like, real cost is reduced, security is improved, and operational efficiencies are gained.
At the heart of every financial institution is sensitive data. This data has value and that value transcends legitimate and illegal uses. As such prudence dictates that at the heart of every financial institution’s security strategy resides controls for protecting sensitive data.
A connected security framework includes multiple data-centric controls such as DLP, encryption, and DAM, but it also leverages other controls around networks and endpoints to enrich those solutions. Regardless of external attacks, internal attacks, or careless activity that puts sensitive information as risk, having a connected framework will enhance data security situational awareness while providing greater control and resulting in a reduced risk posture.
Employees and customers alike are demanding access to anything, anytime, anywhere, from any device – they want agility. As we move from IPv4 to IPv6 the level of connectedness is going to increase exponentially. These trends are already driving change within financial institutions in areas like mobility. Another change that requires an agile security framework with a holistic approach is next generation datacenter security that has become vastly important in the face of trends like consolidation, virtualization, and cloud services. And if this wasn’t enough, IT is stilling being called upon to address threats like APTs and insiders. Having separate solutions in silos with no connectivity lacks the underlying framework and thus the agility to scale in today’s business place.
Simply put, financial institutions aren’t being asked to be agile enough to embrace new trends; they are being told by business leaders and customers alike. Because the trends they are being asked to address will often change, it’s important to have an agile framework that’s not dependent on point solutions in silos. McAfee offers a better way to minimize risk and say “yes” to new requirements. And as additional devices get brought into the mix, the situational awareness is enriched because now there are more data points such as details from that server, that user, that piece of data, that mobile device – so more informed decisions can be made more quickly. With a deep understanding that complexity is the number one enemy of security, McAfee has designed it’s solutions around the security connected framework to be easy to use without sacrificing the scalability financial institutions require, and always remembering that security is the imperative.
From a technical perspective getting compliant often starts with discovering where the assets, which are subject to regulations, are located. Because systems, data, and users are always moving around, this is a continuous process. Once the data is discovered it becomes necessary manage the information so that’s is available and usable when needed, and in the case of financial institutions more likely than not, there will be multiple regulations to address. This is why many IT organizations cite that generating reports to demonstrate regulatory compliance is one of the most time consuming and costly initiatives they have. Further, many IT organizations still have separate solutions responsible for security and compliance thus ensuring that there will be wasted resources and disjointed processes.
The McAfee security connected framework streamlines the compliance process. Centrally aggregating management and reporting accomplish this. The interface is the same regardless of the McAfee products and partner products that are integrated, so it’s fast and easy to get the information needed, create the reports, and move on. Because the information can be analyzed in real-time, compliance can be treated as a continuous process just like security, instead of snapshots in time. Finally, because the technical controls are aligned across security and compliance, the operational controls and processes can be aligned too, thus further creating synergies between security and compliance efforts.
As part of the McAfee Security Connected framework, there are a few key technologies that stood out among the rest in terms of the interest level from the financial services customers we met with.
- Application whitelisting
- Hardware-assisted security (secure silicon)
- Context-aware SIEM
- Reputation threat feeds
- Security for virtual environments
- Security for cloud environments (especially identity management and data security)
- Data security in the form of encryption, DAM, and DLP
As a stand-alone product all of these provide value. But as part of an integrated McAfee Security Connected framework the overall security posture is improved, risk is more effectively mitigated, and operational efficiencies are gained that reduce cost and yield a more agile and effective IT infrastructure.