Despite the cloud computing trend, financial institutions still have significant capital investments in traditional IT infrastructure components within their existing data centers. These facilities typically contain essentially flat, open networks, as network segmentation for cybersecurity was not a consideration many years ago. However, malicious actors have recently found success in such open environments, where much of the lucrative data and systems are readily accessible after compromising a vulnerable device elsewhere in the network through phishing, malware or social engineering. As examples, across the multiple SWIFT member attacks and in ATM malware attacks (Ripper and Cobalt gang), the malicious actors moved laterally in search of items of value after gaining initial footholds within those targeted organizations.

Certain legacy and mainframe applications may be unsuitable for migration to the cloud, and will continue to run in private data centers with traditional architectures. Consequently, this legacy infrastructure with its indigenous applications and their associated data also needs the protection afforded by network segmentation. With more sophisticated adversaries, multiple attack vectors and insider threats, even legacy environments warrant compartmentalization to limit exposure of sensitive data and resources, as well as to minimize financial and reputational damage in the event of a data breach. Proper segmentation of the internal network can also reduce the scope of PCI audits by demonstrating clear separation of cardholder data environments from the rest of the IT infrastructure.

Download this use case to see how one of the largest financial institutions in the world created network segmentation with the Palo Alto Networks next-generation firewall to increase security and protect data in their traditional data centers with minimal business disruption.

For more information on cybersecurity for the financial sector, visit our Financial Services industry page at  https://www.paloaltonetworks.com/products/security-for/industry/financial-services.html


 

Cybersecurity Reference Blueprint for Financial Services IT

Learn how financial institutions may prevent successful cyberattacks by incorporating various elements of the Palo Alto Networks security operating platform into their overall cybersecurity program.
  • 3
  • 1740

Application Usage and Threat Report

The AUTR provides visibility into the real-world threat and application landscape, helping security teams to understand how adversaries are attempting to attack organizations around the world and build proactive, actionable controls. Built by the Unit 42 threat research team, the report correlates data from more than 7,000 enterprise organizations, providing broad visibility into critical trends.
Santa Clara
  • 30
  • 9086

Simplify PCI Compliance with Network Segmentation PDF

Establishing, maintaining and demonstrating compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a necessity for all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD). For all system components included in or connected to the Cardholder Data Environment (CDE), organizations must comply with more than three hundred requirements. It is in every organization’s best interest, therefore, to take advantage of network segmentation provisions stated in the PCI DSS to effectively isolate their CDE and thereby decrease the amount of infrastructure that is considered in scope. Download our use case "Simplify PCI Compliance With Network Segmentation" to learn how Palo Alto Networks Next-Generation Security Platform delivers maximum protection for an organization’s entire computing environment while greatly reducing the scope of PCI compliance.
  • 0
  • 1551

VakıfBank Case Study

Vakifbank chose to strengthen End-Point Security and reduce its attack surface with Palo Alto Networks Traps
  • 2
  • 1119

Security Operating Platform for Financial Services (2018)

Thousands of banks, institutional investors, asset managers, mutual funds, broker-dealers and other financial institutions across the globe prevent successful cyberattacks with the Palo Alto Networks Security Operating Platform. Palo Alto Networks is uniquely qualified to protect financial transactions, customer data, and support regulatory compliance by providing advanced security prevention capabilities in one security platform. Automation and tight integration between components of the platform prevent successful cyberattacks. By eliminating routine tasks, security personnel may then focus on what matters. The extensibility of the platform allows financial institutions to consume security innovations quickly whether they are provided by Palo Alto Networks, third-parties, or even home-grown. Download the whitepaper to learn how the Security Operating Platform provides layered protection across a financial institution’s network, endpoints, and cloud environments. Read about several popular use cases for the financial sector including network perimeter protection, network segmentation, security for cloud computing initiatives, protection of even difficult or impossible to patch endpoints, and as well securing both corporate and unmanaged mobile devices.
  • 1
  • 218

Bank OCBC NISP

At Bank OCBC NISP, Palo Alto Networks PA-5060 next-generation firewall prevents threats and safely enables applications over the bank’s internet gateways across two data centers. In addition, the WF-500 appliance provides WildFire™ threat analysis service as an on-premise, private cloud to analyze suspicious files in a sandbox environment without the need to send them outside the bank’s network.
  • 0
  • 788