Combat insider data breaches with privileged access management

  • Written by FinTech Futures
  • 5th October 2017
PAM to the rescue!


The high risk of cybercrime for financial institutions means that they are generally quick to adopt new technologies which may alleviate the risk of a breach. However, banking institutions can often be held back by legacy infrastructure and applications, due to the sheer scale of their IT operations, which can prove costly to upgrade.

It’s no secret that banks store huge amounts of sensitive data, which offer lucrative financial reward for a cyber criminal. Financial organisations also need to comply with strict industry and government regulations, which require them to examine and record all access to sensitive information. This is why banks need to prioritise the protection of their clients’ identities and their own privileged users’ accounts, as these are top priority targets for criminals.

This is where the large, distributed nature of financial services infrastructure can present a problem. These kinds of IT systems are often managed by hundreds of system administrators and having enough employees focused on security at any one time can prove difficult.

Whilst password-based access can help to limit access, it’s relatively simple for a hacker to infiltrate financial IT system accounts by using social engineering tactics. Another problem is the malicious insider and even employees who have decided to go rogue. Security teams in banking institutions must look for more advanced security solutions which meet their complex needs and allow them to shift their focus to insider threats, whilst also monitoring user activities in real time. This way they will be able to continuously audit who is doing what in their IT systems.

Effective incident response

After an incident, answering the question of “who did what” is absolutely crucial, but it’s often the hardest aspect of incident response. Organisations want to determine what happened as quickly as possible, in order to meet government and compliance regulations. This often means that security teams end up analysing thousands of logs during a breach investigation, when time and resources could be better spent elsewhere. And when an incident involves misused privileged account access, this can further complicate matters.

The fact is, privileged insiders and attackers with access to credentials can cover their tracks by modifying or deleting log files. This makes it even more difficult to determine the roots of the attack. This has led to a rise in popularity of this particular attack method.

What can banks do to manage privileged access incidents?

The first thing for banks to consider is their access policy. There must be a proper access policy in place, which should be based on the least privilege rule. Potential insider threats should also be easily identifiable at the earliest stages.

Luckily, there are tools which can help speed up the incident response process. By deploying a privileged access management (PAM) solution, security teams can gain centralised authentication and access-control points in the IT environment. This provides access control, session recording and auditing to prevent security breaches and speed up forensics investigations.

Additional security that doesn’t burden users with further limitations can be attained by implementing an agentless, transparent proxy technology. The data collected from the monitoring solution can be used to build up a profile for each privileged user to determine their standard behaviour. Privileged account analytics can then be used to spot irregularities in real-time, which are then brought to the attention of the security teams, who are equipped to deal with a breach as it occurs.

Easing the limitations of SIEMs with PAM tools

Security information and event management (SIEM) systems have become integral to enterprise security management. These systems process and correlate the alerts coming from various security systems. However, there are limitations with SIEM tools. They rely on being fed only by system log messages, and they lack the contextual information on privileged user activity.

Privileged accounts are now the main target for criminals, so financial organisations need to move towards collecting inclusive data on the activities happening on privileged accounts in order to perfect the incident response process.

Another problem that arises with SIEM tools is that they only look for threats that have already been identified and fall under their pre-programmed rules. This means that if an attacker were to use an unknown method of attack, the SIEM would fail to detect it, as it would be unaware that it even existed.

Analysts can often be so overwhelmed with the security alerts generated by SIEMs that it can prove impossible to work out which alerts are the most pressing. Even if they create a shortlist of alerts, they have a small window of time to investigate and ascertain if a red-flag alert is a false positive or if it represents an actual incident which is taking place.

In the wake of a breach, PAM tools can help to promote incident management competence by adding information sources which are able to detect and analyse privileged-user-based attacks. Investigating swiftly and making rapid, well-informed decisions can prove challenging for organisations, and requires real-time data that makes the context of a suspicious event clear.

An access management tool can provide risk-based scoring of alerts, rapid search and clear and concise evidence. Increasingly sophisticated cyberattacks have become the new normal for banks and financial institutions. With the introduction of stricter compliance regulations as well, banks must ensure that they have the best processes in place to recover from incidents quickly. This is made much more difficult by the absence of relevant and reliable data recordings of individual user sessions; without them, investigations can become more expensive and, in some cases, inconclusive.

By implementing advanced PAM solutions, organisations can collect and analyse information about privileged access accounts and their activity. With the ability to easily reconstruct and analyse user sessions, the cost and time taken for an investigation are greatly reduced.

These tools also provide risk-based alerting as well as searchable, easy-to-interpret records about user activities. This way, analysts can quickly find the root cause of a problem. PAM tools provide a fast return on investment (ROI) when dealing with incidents related to privileged accounts. They can be easily and seamlessly integrated into security operations centre (SOC) environments, making security operations much more successful.
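
The per-user behaviour profile and the risk-based scoring of alerts described above, sketched as an added example (it is not Balabit's or any PAM product's code). The `Session` fields, host names and the novelty formula are assumptions made for illustration, and all sessions are constructed sample data.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Session:            # hypothetical record a PAM proxy might export
    user: str
    hour: int             # start hour, 0-23
    source: str           # client host
    target: str           # server reached through the proxy
    commands: tuple       # commands seen in the session recording

def features(s):
    # Six-hour bands, so 09:00 and 10:00 count as the same habit.
    return {"time band": s.hour // 6, "source": s.source, "target": s.target}

def build_profiles(history):
    """Per user: how often each feature value and command has been seen."""
    profiles = defaultdict(lambda: defaultdict(Counter))
    for s in history:
        for name, value in features(s).items():
            profiles[s.user][name][value] += 1
        profiles[s.user]["command"].update(set(s.commands))
    return profiles

def risk_score(profiles, s):
    """Return (0-100 score, reasons); 100 means nothing matches the baseline."""
    if s.user not in profiles:
        return 100, ["no baseline for user"]
    p = profiles[s.user]
    # Novelty is 1.0 for a never-seen value and shrinks as it becomes habitual.
    parts = {n: 1 / (1 + p[n][v]) for n, v in features(s).items()}
    new = [c for c in s.commands if p["command"][c] == 0]
    parts["command"] = len(new) / len(s.commands) if s.commands else 0.0
    reasons = [f"unseen {n}" for n, v in parts.items() if v == 1.0]
    return round(100 * sum(parts.values()) / len(parts)), reasons

def triage(profiles, sessions):
    """Highest-risk sessions first, so analysts start with the worst outlier."""
    scored = [(*risk_score(profiles, s), s) for s in sessions]
    return sorted(scored, key=lambda t: t[0], reverse=True)

# Constructed sample data: 20 routine sessions, then two new ones to score.
HISTORY = [Session("alice", 9 + i % 8, "ws-alice", f"db0{1 + i % 2}", ("ls", "psql"))
           for i in range(20)]
ROUTINE = Session("alice", 10, "ws-alice", "db01", ("psql",))
ODD = Session("alice", 3, "vpn-pool-17", "core-ledger", ("rm /var/log/auth.log",))

if __name__ == "__main__":
    for score, reasons, s in triage(build_profiles(HISTORY), [ROUTINE, ODD]):
        print(score, s.source, "->", s.target, reasons)
```

Because the score is computed from the recorded session rather than from logs on the target server, it does not depend on log files that a privileged user could modify or delete.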

By Csaba Krasznay, security evangelist, Balabit

Tags: Cybersecurity Balabit, data breach, PAM, privileged access management, SIEM Analysis, Industry Comment
