It was announced towards the end of last year that a new police Cyber Crime Unit is to be set up to protect Britain against the growing threat of attacks on the Internet and in electronic communications in general.
The new team will be in place by 2013 and forms part of a GB pound 650 million Government drive to tackle what the coalition believes to be a real and growing threat to the UK’s national interests from cyber attacks perpetrated by organised criminals, terrorists, hostile states and hacktivists.
The Government has estimated that cybercrime costs the UK a whopping GB pound 27 billion per year.
In the financial sector, cybercrime continues to increase and is a major cause of losses, ahead of accounting fraud, bribery, corruption and money laundering.
According to a recent global report by PwC, cybercrime is the second most commonly reported economic crime affecting financial services firms. Of the 3,877 business surveyed across 78 countries, cybercrime accounted for 38% of criminal incidents for financial companies compared with only 16% in other businesses.
Account takeovers, third party payment processor breaches, securities and market trading exploitation (as well as mobile banking schemes) are just a few of the types of damaging cybercriminal exploits.
Protecting critical financial infrastructures
With an established underground economy servicing the needs of the market for stolen and compromised data, financial organisations need to protect their critical infrastructures as cyber threats become increasingly sophisticated and wide-ranging.
Delivering adaptive and flexible security to aid compliance monitoring and control is an absolute ‘must’.
In order to secure data and assets, and manage and minimise network security risks, financial services firms should be looking to implement technologies based on three key considerations: agility, high performance and ow latency.
Agility
Traditional security tools were designed for stable, slow-changing environments. They weren’t built to deal with today’s ever-changing conditions and new attacks.
In order to be agile, modern security technologies must be able to do four things: see everything in the environment including assets and users on the network and attacks against them, learn by applying security intelligence to this data, adapt defenses automatically and act in real time for the fastest possible protection.
Through a continuous process of ‘see, learn, adapt and act’ security technologies that are agile can deliver more effective protection for financial services firms because they have the ability to respond to continuous change.
High performance
Performance is critical to financial services networks. Security appliances that include specialised acceleration technology to speed flow and packet handling as well as multiple processors to expedite acquisition and classification of network traffic and application and control plane processing offer the massively parallel processing power to handle demanding throughput requirements.
To be certain vendor claims of performance are reliable, end users in the financial world should consult third party labs which regularly conduct tests of the latest IT security solutions and provide an efficient and neutral way gain validation.
Low latency
In the case of network security appliances, latency refers to the delay a device introduces to a network. Real-time financial services applications, such as high-frequency trading and transaction processing are extremely sensitive to latency. Microseconds can translate into billions of dollars gained or lost.
One way to reduce latency is to consolidate security functionality on a single device. Multiple-point solutions each with their own device introduce their own latency that soon compounds. However, simply consolidating security functionality on a single device can still introduce delay and increase latency if each security solution has its own engine.
Instead, devices that offer a single-pass engine are designed for minimal latency. By sharing processing across multiple security applications (ie monitoring and assembling data packets for security processing and inspection), a single-pass engine affords efficient application of multiple security functions (access control, threat detection and inspection, behavior analysis, host profiling, etc) while maintaining high throughput performance.
When evaluating security technologies that include a single-pass engine and consolidated functionality (for example a next generation firewall with integrated intrusion prevention capabilities), make sure the technology includes next generation capabilities through and through.
Put simply, any security technologies that sacrifice protection to achieve lower latency may expose the organisation to risk.
‘Time equals money’
The financial services industry embodies the term ‘time equals money’. In a sector in which many of the products are commodities, customer experience, confidence, trust, productivity and protection are critical to success.
Security technologies that leverage the latest advances in design and engineering to deliver agility, high performance and low latency without compromising protection can mean the difference between profits and problems.
Leon Ward is field product manager at IT security specialist Sourcefire UK
