Lawrence Chin examines the benefits of network segmentation for financial institutions.

Customer spotlight: Bank OCBC NISP cuts management time in half with Palo Alto Networks next-generation security platform.

Public cloud Infrastructure as a Service (IaaS) offerings, such as AWS, can quickly accommodate unexpected or temporary business computing workloads. However, proper alignment of security and resiliency to enterprise standards and policies is still required. Significant concerns over the security of data, workload and infrastructure have slowed the adoption of public cloud services by the financial services industry. Regardless of where it resides, the financial institution’s data is, ultimately, the target of malicious entities. Consequently, measures to appropriately protect the data must be enacted for the public cloud as well. Download our use case to learn how Palo Alto Networks can help your organization protect IaaS hybrid clouds in financial services.

Governments and businesses must continuously assess the use of new applications and services that improve processes and operations. As such, they must weigh the business benefits from the adoption of newly sanctioned applications against potential risk to the business, its data and other resources. Applications themselves, such as remote access, can represent undue risk. In addition, if applications are not appropriately secured in the business network, today’s attackers can hide communications within the very communication mechanisms the applications use. Adoption of security that appropriately identifies, granularly controls and secures enterprise applications can be slow if those charged with such controls don’t understand the necessity, value or ease with which appropriate controls can be adopted. Download our use case "Secure the Network through Application Visibility" for the benefits of this approach, along with some common concerns over adoption, and read about the experiences of several customers across different industries who made this transition.

Learn how Palo Alto Networks helps protect virtual machines in a private data center for the financial services industry, and read about one anonymous financial institution’s private cloud deployment.

At Bank OCBC NISP, Palo Alto Networks PA-5060 next-generation firewall prevents threats and safely enables applications over the bank’s internet gateways across two data centers. In addition, the WF-500 appliance provides WildFire™ threat analysis service as an on-premise, private cloud to analyze suspicious files in a sandbox environment without the need to send them outside the bank’s network.

With new banking regulations beginning next year, how can cybersecurity professionals ensure that their organization will be ready?

Advanced attacks have been able to evade traditional security measures, target specific users and vulnerable applications, steal sensitive information or commit outright fraud. One approach to preventing such advanced persistent threats (APTs) is to identify and protect against new exploits, malware and malicious URLs. This can be accomplished by “sandbox” analysis of unknown threats. Organizations such as financial institutions that are uncomfortable with cloud-based threat analysis may choose on-premise threat analysis solutions to address any data privacy concerns. Download this whitepaper to read about how Financial Services organizations can use on-premise threat analysis solutions to mitigate compliance risks and maximize prevention against cyberattacks.

Establishing, maintaining and demonstrating compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a necessity for all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD). For all system components included in or connected to the Cardholder Data Environment (CDE), organizations must comply with more than three hundred requirements. It is in every organization’s best interest, therefore, to take advantage of network segmentation provisions stated in the PCI DSS to effectively isolate their CDE and thereby decrease the amount of infrastructure that is considered in scope. Download our use case "Simplify PCI Compliance With Network Segmentation" to learn how Palo Alto Networks Next-Generation Security Platform delivers maximum protection for an organization’s entire computing environment while greatly reducing the scope of PCI compliance.

Vakifbank chose to strengthen End-Point Security and reduce its attack surface with Palo Alto Networks Traps

Private cloud computing provides businesses with flexible, scalable, on-demand IT resources. However, security remains a significant challenge. The very principles that make cloud computing attractive run counter to cybersecurity best practices, such as separation and segmentation. Malicious actors seek these open environments where much of the lucrative data they desire can be found, and if a virtual environment, without proper security and segmentation in place, is compromised, the attacker has access to everything – critical data included. Download the Network Segmentation use case to see how the Palo Alto Networks Next-Generation Security Platform applies segmentation to increase security and protect applications and data in a virtualized data center.

With the New York State Department of Financial Services cybersecurity regulations going into effect March 1st, Lawrence Chin examines the biggest changes that financial institutions can expect over the next several months.

Our recently released PAN-OS 8.0 empowers financial institutions to prevent today’s advanced threats with better integration and information sharing across the network, endpoints and cloud.

Read how thousands of banks, institutional investors, asset managers, broker-dealers and financial institutions across the globe prevent successful cyberattacks.

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in …

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. This year saw some notable cybersecurity events in the financial services industry, including thefts from a number of SWIFT (Society for Worldwide Interbank Financial Telecommunication) member banks and from malware-infected ATMs in Asia. As we look ahead to 2017, I predict that we’ll see the following cybersecurity trends in the financial services industry.

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. This year saw some notable cybersecurity events in the financial services industry, including thefts from a number of SWIFT (Society for Worldwide Interbank Financial Telecommunication) member banks and from malware-infected ATMs in Asia. As we look ahead to 2017, I predict that we’ll see the following cybersecurity trends in the financial services industry.

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. This year saw some notable cybersecurity events in the financial services industry, including thefts from a number of SWIFT (Society for Worldwide Interbank Financial Telecommunication) member banks and from malware-infected ATMs in Asia. As we look ahead to 2017, I predict that we’ll see the following cybersecurity trends in the financial services industry.

Unit 42 tracks Nigerian Threat Actors and finds they've evolved into capable and formidable adversaries successfully attacking major companies and governments.

In 2016, payments by credit or debit cards will exceed the use of cash for the first time in history. Although the popularity of electronic payments will continue to grow, cash will …

Read now network segmentation in the private cloud can protect resources on the internal network should hackers get past perimeter security controls.

In recent months, reports of several breaches at SWIFT (Society for Worldwide Interbank Financial Telecommunications) member banks have come to light. Across these incidents, local security was compromised, and valid credentials were …

The Security Reference Blueprint for Financial Services IT enables institutions to augment the security of existing infrastructure, enable new applications, provide greater access to data, and prevent advanced threats without disrupting vital operations.

By taking a pragmatic approach to introduce network segmentation, financial institutions can minimize business disruption and reap benefits, such as limited exposure after an intrusion, and reductions in lost productivity, remediation costs, and reputational damage from actual loss of personally identifiable information (PII) or financial data. This white paper discusses how network segmentation enables financial institutions to survive intrusions and minimize or prevent data breaches.

(This blog post is also available in Japanese.) In our May 2016 blog post, we described Japan’s new Cybersecurity Guidelines for Business Leadership Version 1.0, issued by the Japanese Ministry of Economy, …

Background In February, stolen credentials of a Bangladesh bank were used to submit fraudulent fund transfer requests via the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network. A small number of these …

In May 2016, Unit 42 observed targeted attacks primarily focused on financial institutions and technology organizations within Saudi Arabia. Artifacts identified within the malware samples related to these attacks also suggest the …

Hear Matthew McLimans, Sr. Network Security Engineer at Warren Rogers Associates discuss how the Palo Alto Networks Next-Generation Security Platform deployed in Amazon Web Services (AWS) segments network traffic coming from thousands of remote data collection devices, prevents malicious traffic from infiltrating fuel system diagnostics and reporting systems, white-lists applications and services, and segments cardholder data to ensure PCI compliance in the company’s cloud-based data center.

Earlier this month, the Financial Services Information Sharing and Analysis Center (FS-ISAC) held its annual summit in Miami. Attended by over 1,100 individuals, this was a highly concentrated gathering of information security …

There has been much media coverage of ransomware over the past several months. The healthcare industry has been in this spotlight most recently, but financial services is certainly not immune to this …