Dans le secteur de la Finance, les cyberattaques restent monnaie courante. D’après le rapport d’enquête 2017 sur les compromissions de données1 de Verizon®, la Finance collectionne même des distinctions dont elle pourrait bien se passer : n°1 au classement des compromissions avérées, top 3 des industries les plus touchées par les ransomwares et top 4 en nombre d’entreprises victimes d’incidents de sécurité. Sans surprise, l’édition 2016 de ce rapport avait elle aussi mis l’accent sur l’attention toute particulière dont les services financiers font l’objet dans le milieu du cybercrime.

Vertrauenswürdige Finanztransaktionen und der Schutz personenbezogener Daten sind Grundvoraussetzungen für den Erfolg (oder sogar das Überleben) von inanzinstituten – von den größten Handels- und eschäftsbanken bis zu kleinen Vermögensverwaltungsgesellschaften. Als Verwalter privater und geschäftlicher ermögenswerte zählt die Finanzbranche zu den orrangigen Angriffszielen von Cyberkriminellen.

Cyberkriminelle haben die Finanzbranche nach wie vor im Visier. Laut dem Data Breach Investigations Report 20171 von Verizon® liegt die Branche bei bestätigten Angriffen auf Platz 1, bei Ransomware-Kampagnen befindet sie sich unter den ersten Drei und bei Sicherheitsvorfällen aller Art unter den ersten Vier. Im Vorjahr hatte die Branche bereits ähnlich bgeschnitten.

Des plus petits cabinets de conseil en gestion d’actifs et de patrimoine aux plus grandes banques d’affaires et de détail, le maintien de la confiance dans les transactions financières et la protection des données personnelles s’avère indispensable à la croissance, voire à la survie même de tout un secteur d’activité. En tant que principal dépositaire des actifs des particuliers et des entreprises, l’industrie de la Finance fait partie des cibles de prédilection des cybercriminels.

Thousands of banks, institutional investors, asset managers, mutual funds, broker-dealers and other financial institutions across the globe prevent successful cyberattacks with the Palo Alto Networks Security Operating Platform. Palo Alto Networks is uniquely qualified to protect financial transactions, customer data, and support regulatory compliance by providing advanced security prevention capabilities in one security platform. Automation and tight integration between components of the platform prevent successful cyberattacks. By eliminating routine tasks, security personnel may then focus on what matters. The extensibility of the platform allows financial institutions to consume security innovations quickly whether they are provided by Palo Alto Networks, third-parties, or even home-grown. Download the whitepaper to learn how the Security Operating Platform provides layered protection across a financial institution’s network, endpoints, and cloud environments. Read about several popular use cases for the financial sector including network perimeter protection, network segmentation, security for cloud computing initiatives, protection of even difficult or impossible to patch endpoints, and as well securing both corporate and unmanaged mobile devices.

Regional credit union bank gains complete visibility and control to secure all traffic on its network from cyberthreats and malicious attacks

Traditionally, the financial-services industry (FSI) has been viewed as being more mature than other industries when it comes to planning, preparing for, and preventing cybersecurity incidents. Even for an industry compliant in nascent optional and mandatory cybersecurity regulations, FSI firm must be concerned about cyber-threats that are constantly evolving and shifting, making consistent planning and preparation an ever-present concern. Financial...

Learn how PAN-OS 8.1 bolsters confidence and control in the growing use of the public cloud by financial institutions

2018 predictions & recommendations: cyber hygiene for financial institutions found non-compliant with SWIFT mandatory security controls.

Palo Alto Networks and De Nederlandsche Bank agree on preapproved “Right to Examine” clause

Lawrence Chin examines the benefits of network segmentation for financial institutions.

Customer spotlight: Bank OCBC NISP cuts management time in half with Palo Alto Networks next-generation security platform.

Public cloud Infrastructure as a Service (IaaS) offerings, such as AWS, can quickly accommodate unexpected or temporary business computing workloads. However, proper alignment of security and resiliency to enterprise standards and policies is still required. Significant concerns over the security of data, workload and infrastructure have slowed the adoption of public cloud services by the financial services industry. Regardless of where it resides, the financial institution’s data is, ultimately, the target of malicious entities. Consequently, measures to appropriately protect the data must be enacted for the public cloud as well. Download our use case to learn how Palo Alto Networks can help your organization protect IaaS hybrid clouds in financial services.

Governments and businesses must continuously assess the use of new applications and services that improve processes and operations. As such, they must weigh the business benefits from the adoption of newly sanctioned applications against potential risk to the business, its data and other resources. Applications themselves, such as remote access, can represent undue risk. In addition, if applications are not appropriately secured in the business network, today’s attackers can hide communications within the very communication mechanisms the applications use. Adoption of security that appropriately identifies, granularly controls and secures enterprise applications can be slow if those charged with such controls don’t understand the necessity, value or ease with which appropriate controls can be adopted. Download our use case "Secure the Network through Application Visibility" for the benefits of this approach, along with some common concerns over adoption, and read about the experiences of several customers across different industries who made this transition.

Learn how Palo Alto Networks helps protect virtual machines in a private data center for the financial services industry, and read about one anonymous financial institution’s private cloud deployment.

At Bank OCBC NISP, Palo Alto Networks PA-5060 next-generation firewall prevents threats and safely enables applications over the bank’s internet gateways across two data centers. In addition, the WF-500 appliance provides WildFire™ threat analysis service as an on-premise, private cloud to analyze suspicious files in a sandbox environment without the need to send them outside the bank’s network.

With new banking regulations beginning next year, how can cybersecurity professionals ensure that their organization will be ready?

Advanced attacks have been able to evade traditional security measures, target specific users and vulnerable applications, steal sensitive information or commit outright fraud. One approach to preventing such advanced persistent threats (APTs) is to identify and protect against new exploits, malware and malicious URLs. This can be accomplished by “sandbox” analysis of unknown threats. Organizations such as financial institutions that are uncomfortable with cloud-based threat analysis may choose on-premise threat analysis solutions to address any data privacy concerns. Download this whitepaper to read about how Financial Services organizations can use on-premise threat analysis solutions to mitigate compliance risks and maximize prevention against cyberattacks.

Vakifbank chose to strengthen End-Point Security and reduce its attack surface with Palo Alto Networks Traps

With the New York State Department of Financial Services cybersecurity regulations going into effect March 1st, Lawrence Chin examines the biggest changes that financial institutions can expect over the next several months.

Our recently released PAN-OS 8.0 empowers financial institutions to prevent today’s advanced threats with better integration and information sharing across the network, endpoints and cloud.

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in …

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. This year saw some notable cybersecurity events in the financial services industry, including thefts from a number of SWIFT (Society for Worldwide Interbank Financial Telecommunication) member banks and from malware-infected ATMs in Asia. As we look ahead to 2017, I predict that we’ll see the following cybersecurity trends in the financial services industry.

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. This year saw some notable cybersecurity events in the financial services industry, including thefts from a number of SWIFT (Society for Worldwide Interbank Financial Telecommunication) member banks and from malware-infected ATMs in Asia. As we look ahead to 2017, I predict that we’ll see the following cybersecurity trends in the financial services industry.

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017. This year saw some notable cybersecurity events in the financial services industry, including thefts from a number of SWIFT (Society for Worldwide Interbank Financial Telecommunication) member banks and from malware-infected ATMs in Asia. As we look ahead to 2017, I predict that we’ll see the following cybersecurity trends in the financial services industry.

Unit 42 tracks Nigerian Threat Actors and finds they've evolved into capable and formidable adversaries successfully attacking major companies and governments.

In 2016, payments by credit or debit cards will exceed the use of cash for the first time in history. Although the popularity of electronic payments will continue to grow, cash will …

In recent months, reports of several breaches at SWIFT (Society for Worldwide Interbank Financial Telecommunications) member banks have come to light. Across these incidents, local security was compromised, and valid credentials were …

The Security Reference Blueprint for Financial Services IT enables institutions to augment the security of existing infrastructure, enable new applications, provide greater access to data, and prevent advanced threats without disrupting vital operations.

By taking a pragmatic approach to introduce network segmentation, financial institutions can minimize business disruption and reap benefits, such as limited exposure after an intrusion, and reductions in lost productivity, remediation costs, and reputational damage from actual loss of personally identifiable information (PII) or financial data. This white paper discusses how network segmentation enables financial institutions to survive intrusions and minimize or prevent data breaches.