Skybox Blog TeamDev 5, 2016
India’s demonetization of 500 and 1000 rupee notes was an unprecedented move by the government in its attempt to fight “Black Money”. But in addition to the chaos it’s caused among cash-strapped citizens, there is another danger posed to the banks already dealing with enormous demand and changing directives from the government. Demonetization has driven an increase in cashless electronic transactions. As the rupee notes are now defunct, people will turn to online payments and use of credit and debit cards, which could increase the potential for cybercrimes against financial institutions.
Banks have always been a favorite target when it came to cybercriminals, and Indian banks are particularly attractive. According to a report by Trend Micro, India ranks third after Japan and the United States in terms of the countries most affected by online banking malware. And the news of security breaches at some of the biggest banks in India is still fresh on the minds of security professionals and banking customers. According to the National Payments Council of India, these breaches involved fraudulent withdrawals of a reported Rs 1.3 crore from cards issued by 19 banks.
As Indian banks cope with the increased volumes of electronic transactions, cybercriminals may use the chaos to their benefit, potentially putting banks at increased risk of cyberattacks. One way for banks to protect against an increased risk of cybercrime is to bring their entire IT infrastructure into view, enabling security teams to quickly spot the ways in which their organization’s network could be compromised.
Attack surface visualization solutions simplify this complex task by turning massive volumes of data into a simple picture. These tools enable security teams to view integrated data from dozens of security and networking products – regardless of vendor or location – and see indicators of exposure (IOEs) prioritized in the unique business context of their organization.
Target Action at Critical Risks
To gain a comprehensive understanding of the risk exposure throughout their IT network, organizations need to consider everything from new or exposed vulnerabilities and vulnerability concentrations to risky access paths and unsecure device configurations. IOEs take these traditionally disparate categories of risk and unite them under a common language, enabling security professionals to quickly assess the security posture of the entire organization prioritized in the context of the business and its critical assets.
Using network modeling of IT infrastructure, attack simulation and analytics, IOEs power visual, interactive attack surface models that understand the interconnectedness of the network and how that impacts risk severity. For example, a vulnerability with a “medium” CVE score may actually be a critical risk to your organization if it sits on a crucial business application. Using the IOE approach, vulnerability management teams can better focus resources rather than chasing false positives.
Additionally, IOEs and attack surface visualization make remediation alternatives apparent. For example, changes to a firewall rule or IPS signature may more efficiently neutralize a risk than deploying a patch. This can vastly reduce incident response times when tackling a zero-day vulnerability or containing an attack.
Holistic Security Management Programs
Attack surface visualization can also provide needed intelligence at the operational level. Comparative data from such solutions can identify security and network teams that should be emulated or may require more resources or training. IOE trends can also be viewed over time to track progress in combatting a specific category of risk or securing a business-critical area of the network.
In the heavily regulated financial industry, audit preparation can be greatly streamlined by utilizing the solution’s up-to-date topology maps and vulnerability documentation. It can validate corporate policy compliance, firewall and security device rules, as well as be used as a documenting tool to see if security and compliance goals are being achieved.
These improvements and the capabilities powered by an attack surface visualization solution all point to its biggest advantage: better use of resources and greater understanding of risks. With complete visibility and context, security teams in the financial services industry can finally gain an understanding of their overall security status and have the intelligence needed to take the right action quickly. As financial institutions will surely be swarmed with increased traffic – raising the potential for increased cybercrime – this is exactly the kind of focus they need.