From the Blogosphere
Become So Hard to Hack, It’s Not Worth the Trouble | @CloudExpo #Cloud
Cyber security, resiliency, accountability of IT systems at financial services organizations is rarely out of national headlines
By: Vormetric Blog
Aug. 5, 2015 11:30 AM
For Financial Services Firms - The Trick Is to Become So Hard to Hack, It's Not Worth the Trouble
The cyber security, resiliency and accountability of IT systems at financial services organizations is rarely out of national headlines. Firms that operate in the financial space hold extremely sensitive data, so therefore attackers usually consider the effort and risk of attacking them worth the potential reward.
Fortunately, financial services organizations are making increasing investments in order to make the effort (and financial outlay) required to attack them so high as to make them an impractical target. This recent article in the Financial Times mentions some of the interesting steps that organizations are taking in order to drive up the operational costs of would-be attackers, as well as some of the figures involved in the investment in cyber security by banks and other financial sector businesses.
These developments are likely to result in a future where all information held by an organization would be so costly and time consuming to steal, doing so becomes an almost impossible task. Of course, the most effective way to do this is to encrypt by default.
In the past, organizations only encrypted for protection what they were forced to protect by compliance requirements. However, advances in encryption technology mean that it is now faster and easier to secure more data with encryption than ever before. As such, any business handling sensitive payment and financial data can put an increasing amount of encryption, granular access controls and data access monitoring in place. It is this combination of technologies that reduces the attack surface available by limiting who, what, when, where and how data can be accessed, and keeps a careful eye on those with a legitimate need to access it by monitoring their data access patterns for behaviour that may indicate an attack in progress.
Really, this is all about making potential attackers ask if your organization is more trouble than it is worth. If it is, you’re moving in the right direction.
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week