Please wait, authorizing ...

Don't have an account? Register here today.


Financial sector overcomes cyberattacks with micro-segmentation and Zero Trust

Sector financiero supera ciberataques con microsegmentación y Zero Trust

International. Financial services are among the sectors most affected by cybercrime; whose extreme losses from cyberattacks worldwide have more than quadrupled since 2017, to $2.5 billion in 2023.

Attacks are becoming more sophisticated and rapid, and without full visibility into the technical ecosystem, financial institutions may be leaving backdoors open.

Last year, there were 173 ransomware attacks (both successful and unsuccessful) on financial services institutions in the world; increasing in the last two years, from 43 attacks on average in 2021 to 62 in 2023. While the industry has a reputation for robust security measures, these numbers underscore a critical vulnerability that cannot be overlooked, according to Akamai's "Overcoming Implementation Hurdles to Protect Critical Banking Systems."

Oswaldo Palacios, Senior Account Executive for Akamai, explained that ransomware attackers, who often work in organized groups, such as CL0P — a Russian ransomware gang known for demanding multimillion-dollar payments from victims — leverage compromised assets and then move laterally across the network to detect and exploit other vulnerable assets.

- Publicidad -

Zero-day vulnerabilities, such as the MOVEit SQL injection vulnerability, allow attackers to access and spread the attack quickly by using automated scripts to encrypt systems, steal data, and demand a ransom. "Any disruption or downtime in financial services has serious consequences, and the sensitive data held by companies in this sector can turn into ground gold, as they often store not only data of individuals, but also of companies," he said.

Financial services institutions in the Asia Pacific (APAC) region have been the target of the highest number of ransomware attacks (73), while the LATAM region has been the least impacted (48), according to Akamai's report. It also revealed that the number of financial services institutions that are continuously updating their cybersecurity strategies or policies has increased from 3% in 2021 to 18% in 2023, not only in response to ransomware attacks but to an ever-changing attack surface.

Geographically dispersed work teams and the migration of applications and data to the cloud are just two factors that
affect the security strategy on a daily basis.

Adoption of Microsegmentation and Zero Trust in Financial Companies
Due to the rise in ransomware attacks, only financial services firms with more advanced segmentation have transformed their defense. Segmentation is an architectural approach that divides a network into smaller segments in order to improve performance and security.

Akamai's 2023 State of Segmentation report found that respondents in the financial services industry agreed that segmentation is important to ensure their organization is secure, and in particular, to address malware: 66% said it is extremely important, and 92% felt it is critical to help thwart malicious attacks.

Oswaldo Palacios highlighted that in recent years, software-defined segmentation has emerged as a more flexible, streamlined, and cost-effective approach to application-level security, which dramatically accelerates deployment, simplifies ongoing maintenance, and is ultimately more effective at mitigating threats.

"After a breach is carried out, recovery based on a segmentation strategy can occur in less than 11 hours. For those companies that have implemented segmentation in six critical areas, it takes four hours on average to completely stop a ransomware attack; and approximately three hours to significantly limit the lateral movement of a ransomware attack," the expert reported.

- Publicidad -

Financial services institutions aspire to go further and implement micro-segmentation, which protects application workloads at a granular level: 88% said micro-segmentation is at least a high priority, and 39% name it as their top priority. Financial firms in Latin America are most likely to consider it a top priority (50%), while countries in the EMEA region are the least likely (31%).

Segmentation also goes a long way toward an effective Zero Trust framework. In addition, the more business areas a financial services institution segments, the more it will advance its Zero Trust architecture, allowing it to reduce the risk it currently faces and ensure a top-line defense against future threat vectors.

Companies located in Latin America are more likely to declare that their implementation of Zero Trust architecture is fully complete and defined (49%) than countries in APAC (35%) or EMEA (33%). "Financial institutions are adopting the Zero Trust model to address the growing number of ransomware threats, strict compliance regulations, and the challenges of migrating to the cloud," said Oswaldo Palacios.

Finally, the executive asserted that to be competitive financial services companies, their security teams need a Zero Trust network architecture that is capable of protecting enterprise data, regardless of the location of users and devices, while ensuring the fast and optimal operation of applications.

Álvaro León Pérez Sepúlveda
Author: Álvaro León Pérez Sepúlveda
Editor - Latin Press, Inc.
Comunicador Social Periodista egresado de la Universidad de Antioquia, con más de 14 años de experiencia en medios periodísticos y proyectos de comunicación digital. [email protected]

No thoughts on “Financial sector overcomes cyberattacks with micro-segmentation and Zero Trust”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Top 3 noticias más importantes de la industria de la seguridad electrónica

Entre los hechos destacados de esta semana se encuentra la realización de IntegraTEC México, el evento para integradores de tecnologías; así como la fusión empresarial de Milestone Systems con Arcules y la convocatoria para aspirar a las becas ofrecidas por el Foro SIA Mujeres en Seguridad. #Seguridad #SeguridadElectrónica #Videovigilancia #VentasDeSeguridad

Webinar: Inteligencia Artificial en NVR & Cámaras Enforcer Tema: Inteligencia Artificial en NVR & Cámaras Enforcer Por: Eduardo Cortés Coronado, Representante Comercial en México - SECO-LARM USA INC Fecha: Martes 28 de mayo, 2024 Hora: 10.00H (Colombia) 09:00H (México) Conozca cómo sacar ventaja de las funciones de inteligencia artificial en NVR´S 4K & cámaras IP enforcer, disuación activa, reconocimiento facial, reconocimiento de matriculas vehiculares, salidas alarma etc.

Webinar: NxWitness el VMS rápido fácil y ultra ligero

Webinar: Por qué elegir productos con certificaciones de calidad

Por: Eduardo Cortés Coronado, Representante Comercial - SECO-LARM USA INC La importancia de utilizar productos certificados por varias normas internacionales como UL , Ul294, CE , Rosh , Noms, hacen a tus instalciones mas seguras y confiables además de ser un herramienta más de venta que garantice nuestro trabajo, conociendo qué es lo que certifica cada norma para así dormir tranquilos sabiendo que van a durar muchos años con muy bajo mantenimiento.

Webinar: Anviz ONE - Solución integral para pymes

Por: Rogelio Stelzer, Gerente comercial LATAM - Anviz Presentación de la nueva plataforma Anviz ONE, en donde se integran todas nuestras soluciones de control de acceso y asistencia, video seguridad, cerraduras inteligentes y otros sensores. En Anviz ONE el usuario podrá personalizar las opciones según su necesidad, de forma sencilla y desde cualquier sitio que tenga internet.
Load more...

Latest Newsletter