CCR Magazine

Financial Services IT Professionals Overconfident in Breach Detection Capabilities
Wednesday, 11 May 2016
Tripwire, Inc., a leading global provider of endpoint detection and response, security and compliance solutions, today announced the results of an extensive study conducted for Tripwire by Dimensional Research. The Tripwire study evaluated the confidence of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from various industries, including 134 participants from financial services.  

According to the Identity Theft Resource Center’s 2015 Breach List report, the number of data breaches within the banking, credit and financial sectors nearly doubled between 2014 and 2015. Despite this increase, the majority of IT professionals in financial services displayed high levels of confidence in their ability to detect a data breach, even though they were unsure how long it would take for their security tools to discover key indicators of compromise.

While sixty percent of financial respondents either did not know or only had a general idea of how long it would take to isolate or remove an unauthorized device from their organizations’ networks, eighty-seven percent believed they could perform this task within minutes or hours.

Additional financial services findings include:

Only thirty-seven percent said their automated tools were able to identify locations, department and other critical details of network devices with unauthorized configuration changes.
Eighty-two percent believe they could detect configuration changes to a network device on their organizations’ networks within minutes or hours. However, fifty-nine percent acknowledged they did not know exactly how long it would take to do this.
Ninety-two percent believe vulnerability scanning systems would generate an alert within minutes or hours if an unauthorized device was discovered on their network. However, seventy-seven percent say they automatically discover eighty percent or less of the devices on their networks.
Twenty-nine percent do not detect all attempts to access files or network-accessible file shares without the appropriate privileges.
Forty percent said less than eighty percent of patches are successfully fixed in a typical patch cycle.

“Compliance and security are not the same thing,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “While many of these best practices are mandated by compliance standards, they are often implemented in a ‘check-the-box’ fashion. Addressing compliance alone may keep the auditor at bay, but it can also leave gaps that can allow criminals to gain a foothold in an organization.”

Tripwire’s study is based on seven key security controls required by a wide variety of compliance regulations, including PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53, CIS 20 Critical Controls and IRS 1075. These controls also align with the United States Computer Emergency Readiness Team (US-CERT) recommendations and international security guidance such as the Australian Signals Directorate’s Strategies to Mitigate Targeted Cyber Intrusions.

The recommendations and guidance include:

Accurate hardware inventory
Accurate software inventory
Continuous configuration management and hardening
Comprehensive vulnerability management
Patch management
Log management
Identity and access management

When implemented across an organization, these controls deliver specific, actionable information that is necessary to defend against the most pervasive and dangerous cyber attacks. It is vital for organizations to identify indicators of compromise quickly so that appropriate action can be taken before significant damage is done. According to Mandiant’s M-Trends 2015 report, the average time required to detect an advanced persistent threat on a corporate network is 205 days. Verizon’s 2016 Data Breach Investigations Report revealed that eighty-three percent of compromises took weeks to detect.

“The path to a mature security deployment is through visibility because you cannot protect what you cannot see,” said Travis Smith, senior security research engineer for Tripwire. “Understanding what you have and how you can potentially be compromised allows security teams to focus on where attackers are likely to strike. The cost of being proactive is always less than the cost of being reactive.”
 