Latest News Headlines
Commercial Credit News
|Financial Services IT Professionals Overconfident in Breach Detection Capabilities|
|Wednesday, 11 May 2016|
Tripwire, Inc., a leading global provider of endpoint detection and response, security and compliance solutions, today announced the results of an extensive study conducted for Tripwire by Dimensional Research. The Tripwire study evaluated the confidence of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Study respondents included 763 IT professionals from various industries, including 134 participants from financial services.
According to the Identity Theft Resource Center’s 2015 Breach List report, the number of data breaches within the banking, credit and financial sectors nearly doubled between 2014 and 2015. Despite this increase, the majority of IT professionals in financial services displayed high levels of confidence in their ability to detect a data breach, even though they were unsure how long it would take for their security tools to discover key indicators of compromise.
While sixty percent of financial respondents either did not know or only had a general idea of how long it would take to isolate or remove an unauthorized device from their organizations’ networks, eighty-seven believed they could perform this task within minutes or hours.
Additional financial services findings include:
Only thirty-seven percent said their automated tools were able to identify locations, department and other critical details of network devices with unauthorized configuration changes.
Eighty-two percent believe they could detect configuration changes to a network device on their organizations’ networks within minutes or hours. However, fifty-nine percent acknowledged they did not know exactly how long it would take to do this.
Ninety-two percent believe vulnerability scanning systems would generate an alert within minutes or hours if an unauthorized device was discovered on their network. However, seventy-seven percent say they automatically discover eighty percent or less of the devices on their networks.
Twenty-nine percent do not detect all attempts to access files or network-accessible file shares without the appropriate privileges.
Forty percent said less than eighty percent of patches are successfully fixed in a typical patch cycle.
“Compliance and security are not the same thing,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “While many of these best practices are mandated by compliance standards, they are often implemented in a ‘check-the-box’ fashion. Addressing compliance alone may keep the auditor at bay, but it can also leave gaps that can allow criminals to gain a foothold in an organization.”
Tripwire’s study is based on seven key security controls required by a wide variety of compliance regulations, including PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53, CIS 20 Critical Controls and IRS 1075. These controls also align with the United States Computer Emergency Readiness Team (US-CERT) recommendations and international security guidance such as the Australian Signals Directorate’s Strategies to Mitigate Targeted Cyber Intrusions.
The recommendations and guidance include:
Accurate hardware inventory
Accurate software inventory
Continuous configuration management and hardening
Comprehensive vulnerability management
Identity and access management
When implemented across an organization, these controls deliver specific, actionable information that is necessary to defend against the most pervasive and dangerous cyber attacks. It is vital for organizations to identify indicators of compromise quickly so that appropriate action can be taken before significant damage is done. According to Mandiant’s M-Trends 2015 report, the average time required to detect an advanced persistent threat on a corporate network is 205 days. Verizon’s 2016 Data Breach Investigations Report revealed that eighty-three percent of compromises took weeks to detect.
“The path to a mature security deployment is through visibility because you cannot protect what you cannot see,” said Travis Smith, senior security research engineer for Tripwire. “Understanding what you have and how you can potentially be compromised allows security teams to focus on where attackers are likely to strike. The cost of being proactive is always less than the cost of being reactive.”
Forums International Ltd
Attendance at your first meeting is free of charge, and please quote reference 'CCR2016' to receive the special 10% discount off of your first annual subscription.
Find out more here.
The latest edition of CCR Magazine, the leading editorial publication in the UK credit industry, is out.
CCR is the premier magazine for consumer and credit professionals. It provides an independent voice to the industry, breaking major news stories and running in-depth features.
As a magazine, it works with and campaigns on behalf of the credit industry to promote its importance as a centre of potential profit and business development to the wider business world.
Providing information and analysis for thousands of senior credit professionals worldwide, every quarter.
GTS Media Ltd
81 Cambridge Road
Registered in England No: 05483197