• August 29, 2016

Backers vs. Hackers: Why Financial Institutions Must Up Their Game

Financial institutions are increasingly vulnerable to cyber threats.

Last December, the New York State Department of Financial Services made public its plans to dramatically change how banks and financial institutions approach cybersecurity. The motivation behind these proposed regulations: Financial institutions are increasingly vulnerable to cyber threats.

In May, the FDIC reported five major data breaches of taxpayers’ personal information—an incident that came as no surprise to financial services cybersecurity experts. In fact, a recent report found that 90 percent of IT security leaders in financial services feel vulnerable to experiencing a similar data breach, while 44 percent of those leaders say they’ve already experienced one.

Hack Yourself Before the Hackers Do

So, what’s the solution?

At a time when cybersecurity breaches are commonplace in this industry, financial organizations can’t afford to be technological laggards. Instead, they must challenge themselves and their security procedures to stay ahead of the nefarious cyber attack groups whose entire business model revolves around finding new, innovative ways to penetrate financial organizations’ data. To do this, financial services firms must invest in technology and infrastructure that enable them to out-hack the hackers.

The Critical Role of DevOps in Financial Services Security

As Chandra Rangan, HPE Vice President of Enterprise Security Products, explains in this video, financial services IT leaders no longer need to weigh the trade-off between speed, security, and reliability. With DevOps, financial organizations’ IT departments can facilitate innovation through speed deployment, while still proactively protecting against security breaches.

Specifically, DevOps enables security through:

  • Frequency of testing. By automating static and dynamic security testing to identify and fix software vulnerabilities, organizations are able to more frequently assess the risks and the remediation required.
  • Faster remediation of security gaps. With the right tools, DevOps empowers the developer to identify and fix vulnerabilities immediately—right at the source—as they are writing code.
  • Compensating controls for added protection. Speed deployment can introduce risk, but runtime application self-protection (RASP) mitigates this by protecting vulnerabilities that are in production until you are able to correct them.

Of course, that simply scratches the surface of how DevOps and other technologies can enable financial services firms to take more aggressive steps toward security innovation. The message is clear, however: Collectively, these steps allow your organization to function at the speed required to stay ahead of the hackers trying to disrupt your organization.

Like this story? Find out where your vulnerabilities are with this self-assessment.