There are no flawless software systems or applications. When these flaws result in security vulnerabilities, threat actors may exploit them to compromise those systems and applications and, by extension, the endpoints on which they reside. Although software vendors issue patches to remediate flaws, many financial institutions do not apply all available patches to their production environments in a timely fashion. In addition, when systems or applications reach their end-of-support, they no longer receive vulnerability patches from their vendors. These two scenarios describe the conditions under which a system or application is considered "unpatchable." When patching or upgrading is no longer feasible, security professionals need to identify alternative ways to secure the unpatchable systems and applications to support their ongoing use as required for other business strategies.

This document presents a case study that discusses the security, risk and compliance ramifications of operating unpatchable systems and applications such as legacy Windows® Operating Systems (e.g., Windows XP, Windows 8). These may still be found in older ATMs and aging endpoints that support check scanners, printers for passbooks, ATM cards, and other legacy banking applications.

The case studies outline the core attack vectors that threat actors can use to compromise unpatchable systems and applications and offer a technical solution that eliminates the reliance on vulnerability patches as a security measure while preventing breaches on the endpoints that operate those unpatchable systems and applications. This advanced endpoint protection uses a multi-method approach to detect and address exploits and malware, using machine learning as well as static and dynamic analysis to identify cyber threats.

For more information on cybersecurity for the financial sector, visit our Financial Services industry page at https://www.paloaltonetworks.com/products/security-for/industry/financial-services.html


 

Bank Central Asia

Bank Central Asia is one of Indonesia’s leading retail banks. The bank has approximately 16 million customers, 1,213 branches, and 17,207 ATMs. It also manages a growing mobile and internet banking operation. While ATMs use dedicated connectivity for transactions, mobile transactions rely on the internet to ensure everyone has full, anytime access. However, such high exposure comes with major security risks and therefore demands advanced security protection.

Cybersecurity Reference Blueprint for Financial Services IT

Learn how financial institutions may prevent successful cyberattacks by incorporating various elements of the Palo Alto Networks security operating platform into their overall cybersecurity program.

Fiserv

Fiserv is a global leader in financial services technology and helps more than 12,000 clients worldwide. Tony Gravanda, Director of Network Security Architecture and Engineering, shares how Fiserv saved the equivalent of 3 engineers' time, or approximately 6,500 hours, in a span of 8 months by moving to automation on the Palo Alto Networks Security Operating Platform. With the help of the Security Operating Platform, Fiserv can onboard their customers and provision their services quickly while ensuring everything is secure. Tony and his team now have visibility into the traffic at Fiserv and can take quick action when needed.

Simplify PCI Compliance with Network Segmentation PDF

Establishing, maintaining and demonstrating compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a necessity for all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD). For all system components included in or connected to the Cardholder Data Environment (CDE), organizations must comply with more than three hundred requirements. It is in every organization’s best interest, therefore, to take advantage of network segmentation provisions stated in the PCI DSS to effectively isolate their CDE and thereby decrease the amount of infrastructure that is considered in scope. Download our use case "Simplify PCI Compliance With Network Segmentation" to learn how Palo Alto Networks Next-Generation Security Platform delivers maximum protection for an organization’s entire computing environment while greatly reducing the scope of PCI compliance.

VakıfBank Case Study

VakıfBank chose to strengthen endpoint security and reduce its attack surface with Palo Alto Networks Traps.

Application Usage and Threat Report

The AUTR provides visibility into the real-world threat and application landscape, helping security teams to understand how adversaries are attempting to attack organizations around the world and build proactive, actionable controls. Built by the Unit 42 threat research team, the report correlates data from more than 7,000 enterprise organizations, providing broad visibility into critical trends.