Perhaps best known for its role in consumer credit ratings, Experian operates as a technology company, helping its clients manage and analyze massive amounts of financial data. The company is focused on integrating and standardizing technology across the organization, creating building blocks that would streamline global application development, and in turn help them better service their global customers.
It is important for the company to get a single view of their organizational risks. It was also clear that they needed a security partner to help move at the speed they needed to maintain innovation. Read the case study to learn how Prisma Cloud, the Cloud Native Security Platform, provides Experian with a unified view of security and compliance posture across the full cloud native stack, making life a lot easier for everyone involved.
Experian operates as a technology company, helping its clients manage and analyze massive amounts of data. Looking to consolidate disparate security tools across CSPs and manage risk at-speed to support a global DevSecOps pipeline, Prisma Cloud provides Experian with a unified view of security and compliance posture across their cloud environments and full cloud native stack, making life a lot easier for everyone involved.
Since the release of the Cybersecurity Framework (CSF) by the U.S. National Institute of Standards and Technology (NIST), organizations worldwide have implemented the framework to better understand and manage cyber risk.
Successful cyberattacks against a number of financial institutions across the globe from 2015-2018 have resulted in multiple instances of fraudulent fund transfers over the Society for Worldwide Interbank Financial Telecommunications, or SWIFT, network. As part of an effort to enhance the cybersecurity of the entire eco-system, members of SWIFT must annually self-attest to sixteen mandatory cybersecurity controls as of year-end 2017. In future years, non-compliance with these controls may result in notification to SWIFT counterparties and/or appropriate regulatory bodies. Furthermore, eleven advisory security controls are provided as best practices to further improve overall cyber hygiene across the SWIFT eco-system.
No single vendor can provide complete compliance with the entire set of SWIFT mandatory and advisory controls. However, the Palo Alto Networks Security Operating Platform delivers the following:
Support for nearly 75 percent of the SWIFT Customer Security Controls Framework, where various elements of the Security Operating Platform are able to address 12 of 16 mandatory controls and eight of 11 advisory controls.
Definitive least-privileged access control and other essential security capabilities to effectively segment and protect the local SWIFT environment.
Capabilities above and beyond the baseline specifications to more thoroughly protect your local SWIFT infrastructure and the rest of your organization’s computing environment from the latest unknown malware and advanced threats.
By leveraging the Palo Alto Networks Security Operating Platform, financial institutions will be well on their way to complying with or exceeding the SWIFT mandatory and advisory controls. Beyond merely an exercise in compliance, the prevention philosophy behind the platform will improve a financial institutions overall cyber hygiene and provide better security outcomes for the organization. The result will be a more secure environment for your financial institution – one in which legitimate traffic is known and limited, with automated security enforcement to detect and address deviations. Future annual self-attestations to SWIFT will be much less stressful as your institution’s cybersecurity posture will be above and beyond their required baseline level.
There are no flawless software systems or applications. When flaws result in security vulnerabilities, threat actors exploit them to compromise those systems and applications and, by extension, the endpoints on which they reside. Although software vendors issue patches to remediate flaws, many financial institutions do not apply all available patches to their production environments. In addition, when systems or applications reach their end-of-support, they no longer receive vulnerability patches from their vendors. These two scenarios describe the conditions under which a system or application is considered "unpatchable." When patching or upgrading is no longer feasible, security professionals need to identify alternative ways to secure the unpatchable systems and applications to support their ongoing use in the environment.
Businesses embrace digital technologies that modernize their operations and enable innovation. Yet these same technologies introduce new security vulnerabilities and new data that must be secured. The result is a costly cybersecurity arms race, in which businesses introduce new security products to counter new attack vectors. Individually-managed or standalone security products add complexity, reduce visibility, and strain under-resourced security teams.
ABG Sundal Collier is an independent Nordic investment banking powerhouse, established for more than 30 years. Its strategy is to be an advisor and an intermediary, with core product offerings in corporate advisory, corporate financing and investment research and brokerage services. Paul Mastad, IT, shares his experience with Palo Alto Networks Security Operating Platform.
Bank Central Asia is one of Indonesia’s leading retail banks. The bank has approximately 16 million customers, 1,213 branches, and 17,207 ATMs. It also manages a growing mobile and internet banking operation.
While ATMs use dedicated connectivity for transactions, mobile transactions rely on the internet to ensure everyone has full, anytime access. However, such high exposure comes with major security risks, therefore demanding the need for advanced security protection.
Fiserv is a global leader in financial services technology and helps more that 12,000 clients worldwide. Tony Gravanda, Director of Network Security Architecture and Engineering shares how Firserv saved the equivalent to 3 engineers time or approximately 6,500 hours in a span of 8 months by moving to automation on the Palo Alto Networks Security Operating Platform. With the help of the Security Operating Platform Fiserv can onboard their customers and provision their services quickly while ensuring everything is secure. Tony and his team now have the visibility into the traffic at Fiserv and can take quick action when needed.
Thousands of banks, institutional investors, asset managers, mutual funds, broker-dealers and other financial institutions across the globe prevent successful cyberattacks with the Palo Alto Networks Security Operating Platform.
Palo Alto Networks is uniquely qualified to protect financial transactions, customer data, and support regulatory compliance by providing advanced security prevention capabilities in one security platform. Automation and tight integration between components of the platform prevent successful cyberattacks. By eliminating routine tasks, security personnel may then focus on what matters. The extensibility of the platform allows financial institutions to consume security innovations quickly whether they are provided by Palo Alto Networks, third-parties, or even home-grown.
Download the whitepaper to learn how the Security Operating Platform provides layered protection across a financial institution’s network, endpoints, and cloud environments. Read about several popular use cases for the financial sector including network perimeter protection, network segmentation, security for cloud computing initiatives, protection of even difficult or impossible to patch endpoints, and as well securing both corporate and unmanaged mobile devices.
An overview of the Palo Alto Networks Next-Generation Security platform for the financial sector
The financial services industry remains a favorite target for cyberattacks. The lure of sensitive data and funds is quite strong to malicious actors. Additional challenges in securing financial institutions include their complex IT environments, continued use of legacy technology, and preference for defense in depth (which is often equated with vendor diversity). Regulators continue to impose new obligations to strengthen controls and better protect the industry.
Top threats to the industry over the past two years include various families of ransomware, remote access Trojans, and information stealers. All of these target the endpoint as this is the path to the valuable data held by the financial institution.
The traditional approach of point products for specific security functions and network perimeter-centric protection has proven to be ineffective. Reports of data breaches in the financial services industry have become commonplace. A different, and better option is a multi-layered approach based on natively integrated, security enforcement points that share threat information and revise protections accordingly. This results in automated prevention and next-generation security for the network, endpoints (servers, desktops, laptops), and the cloud.
Moreover, the use of cloud-based, dynamic malware analysis and threat intelligence enables updated preventions in as little as five minutes - across our entire customer base after the initial discovery anywhere. This applies to the local network, endpoint devices, or even the public cloud.
Download the whitepaper to read more about how our next-generation security approach is better able to protect the highly targeted financial services industry.
As the financial services industry undergoes a digital transformation to streamline operations, become more competitive, and remain relevant with their customers, they face increasing volume of cyber threats. Attackers continue to be tempted by the vast quantities of easily monetizable personally identifiable information (PII).