I have been closely watching the news surrounding the Heartbleed vulnerability. The recent American Banker article “FFIEC Issues Heartbleed Warning; Major Banks Say They’re Protected” states that most of the banks and online banking vendors contacted for comment report that their sites and software are not at risk. While it’s commendable that these organizations don’t want to alarm the public unnecessarily, no one really knows how complex Heartbleed is, or the full extent of what may have been compromised. Every day we are seeing breaking news about new exploitations cropping up from the UK to Canada.
Clearly, the core banking software vendors like Fiserv, Jack Henry and D+H USA (formerly Harland Financial Solutions), as well as the many online banking providers, go to extraordinary lengths to protect their financial data. Likewise, the big banks mentioned in the article have vast IT resources, in terms of both people and infrastructure, to address vulnerabilities. Overall, the industry is doing everything it knows how to do with the current tools and systems it has to work with to reduce its vulnerabilities. And therein lies the problem: today’s technological approach to IT and network security has changed little over the last two decades, while everything else that touches it has changed dramatically.
There are too many “things” to manage: users/identities, systems, applications, and data. Today’s solutions are mostly passive in nature, providing primarily ‘after-the-fact’ forensic analysis. Relying on perimeters, rules and signatures, even if they are proactively managed and updated regularly, is too static. And just how many more appliances can you afford to put in your datacenter every time a new business process needs to be introduced or a new threat crops up? So as the gap between the security architectures and service delivery models currently in play widens, the impact of intrusions, insider attacks, and other related exploits will grow, not diminish.
Ideally, technology should detect the threat before it can be exploited, or at least as it is occurring. To do this, IT security professionals operating in increasingly complex, ever-growing big data environments need tools that will simplify and unify.
By integrating all the data from every source, our MetaGrid™ technology is able to perform comprehensive collection and analysis of data from all of your network and security devices, increase “stream-time” security analysis and provide the means to develop a proactive, automated security response that would otherwise be impossible. And instead of tossing out the existing investment in firewalls, intrusion prevention sensors, anti-malware scanners, routers, identity management technologies and other security appliances, MetaGrid™ was specifically designed as a transitional technology that can co-exist with existing security infrastructure, enhancing the performance and shelf life of an organization’s current systems and tools.
For financial institutions to shift the balance of power away from the attacker, it’s going to take a fresh approach. By combining high-performance computing and identity-awareness with advanced neural, behavioral and social analysis and rapid response capabilities, financial institutions will be able to gain the upper hand and better defend themselves from the likes of Heartbleed or any other attack that comes along now or in the future.