Other parts of this series:
- Financial services need new security mindset to support strategic growth initiatives
- What new technology developments offer opportunities to enhance security?
- Cyber risks and company stakeholders – a key to financial firms’ security
- Helping financial firms to transform security for “New IT” landscape
- Identity management and threat intelligence are key security spends for financial firms
- Planning for security failure is critical for success
In my previous post’s examination of the value of investing in cyber threat intelligence, I asserted that threat detection is the best and most cost-effective protection for financial services institutions (FSIs) in the “New IT” landscape. This is because, security experts agree, no organization can reasonably expect to foil all of the many potential system intruders it will face.
That brings us to a critical aspect of transforming security: FSIs are encouraged to plan for failure by building an architecture designed to withstand a successful cyber attack and resulting outages. This involves transforming architecture patterns and blueprints to embed resilience, as well as security and compliance, through automated and modular elements. In so doing, the organization’s network is protected and will remain operational even if an element of the network fails. FSIs also should update their security architecture for cloud technologies.
As outlined in the report, Security in the Financial Services Sector–Ready for the “New”? Accenture recommends that FSIs follow these short-term and medium range plans to transform their architecture:
The 100-day plan
- Define the key guiding principles for the architecture.
- Consider using the public cloud as the key infrastructure for running the business, because cloud technology offers greater elasticity and resilience at a lower cost.
- Study the challenges and issues that need to be addressed while migrating to the cloud.
- Define a cloud architecture by considering the principles on failure and compliance.
- Set up a cloud program.
The 360-day plan
- Run proof of concepts to develop a better understanding of possible issues and challenges that lie ahead when completing the migration to the cloud.
- Respond to the issues and challenges identified.
This blog series has examined the factors creating an environment that underscores the critical need for FSIs to begin transforming their security function from one with a compliance-only mindset to one that is a true partner for the business. We have covered the many emerging technology-related trends and the various cyber security threats that FSIs face. In transforming security, we have stressed the importance of redefining the security and the chief security officer functions and investing in identity management and threat intelligence. And, crucially, we have examined the importance of architecting for failure and compliance in recognition that no amount of preventative measures will thwart every security threat.
By adopting this new mindset and approach, FSIs can better position themselves to protect their business and support future growth in the “New IT” landscape.
To learn more, read: Security in the Financial Services Sector–Ready for the “New”?