Today’s financial organizations face many different risks in volatile and uncertain business environments, but the ever-present threat of cyberattacks and data breaches is now impossible to ignore. For this reason, managing these cyber-risks now has to simply be considered one of the many costs of doing business.
Because we know that a cyberattack or data breach of some kind is inevitable, we’re motivated to invest in solutions that reduce the risks we face. But the way we invest our cybersecurity budgets hasn’t evolved with the changing scope of risks in our digital environment.
This risk is intensified for financial institutions that manage vast amounts of sensitive customer data across hybrid hosting environments, relying on legacy systems as well as modern software applications to keep their business operational. As a result, the risk of a breach is heightened.
In a bygone era, financial organizations could concentrate their security efforts on simply protecting the network perimeter. Business data was kept on-site in data centers, which were only accessible through desktop computers tethered to desks behind the walls of our secure office building. The good old days.
However, we now have hundreds (sometimes thousands) of mobile devices connecting to our networks through cloud-native applications that access critical and sensitive data from a variety of hybrid cloud environments. In this scenario, which is now the norm for most enterprises, there is no definable network perimeter.
Yet, we still see rising investments in endpoint and network security, as these are the easiest solutions to understand and justify. Identity and access management security solutions are also growing along with our comprehension of the risks we face from rogue insiders.
If we were to adopt a truly risk-based approach to cybersecurity, we would focus on protecting data itself, rather than solely focusing on endpoints, networks, and identity. These aspects are still important, but they need to be built upon a base of solid data security.
Only by investing in the security of actual data can financial firms hope to reduce the risks to their business. Data security involves protecting critical data at the source through measures such as:
Data masking: Also referred to as data de-identification, anonymization, or obfuscation, data masking is the process of obscuring sensitive data to prevent it from being exposed to individuals not authorized to view it. These individuals could be internal employees, like application developers and testers, or could be outside consultants or offshore firms.
Data Protection and Database Audit: Capturing and analyzing all database activity, from both application user and privileged user accounts, providing detailed audit trails that show the “who, what, when, where, and how” of each transaction – and is separately administered from the database – ensuring the audit trail meets regulatory guidelines and standards of trust.
Database security can drive significant operational benefits because it uncovers unknown and disused databases within an organization’s infrastructure that can be shut down, reducing the corporate attack surface. It also identifies the locations where your most sensitive data resides which helps cybersecurity teams focus their efforts on where they need to concentrate.
Ultimately, when formulating your security investment strategy, begin by focusing on risk. We know that data security can reduce risk more effectively than endpoint or IAM security, so it should be prioritized when you’re making risk-based investment decisions. Once you have your data security strategy covered, then you can move on to network and edge security with greater peace of mind.