Sofistic has 35 clients related to the banking sector internationally, for which it has implemented advanced cybersecurity solutions based on artificial intelligence and automation.
The customer: Financial sector
The current security situation in the financial sector requires a higher level of protection to prevent not only cyber-attacks, but also banking fraud, phishing and possible vulnerabilities that could jeopardize the systems and information managed by these companies.
Sofistic has 35 clients related to the financial sector at an international level, mainly in Latin America, with whom it has implemented various solutions for a broad protection of companies.
As its main challenges, the sector seeks to improve both internal and external controls, making visible and prioritizing all cybersecurity events that may occur in the company, and to have an extensive vulnerability analysis of its different systems.
The sector has common cybersecurity objectives:
Increased identity-related risks: Identity is proposed as the new security perimeter: strong authentication and conditional access, risk-based logins and identity protection within Microsoft’s security options, as well as leaked password detection.
Device security management (endpoint), ensuring information confidentiality, data integrity and availability.
Data control, preventing data leakage (DLP solutions) or accidental sharing of confidential information. Application of flexible protection actions including encryption, access restrictions and watermarking.
Deepen the hardening of the Microsoft 365 platform, which has a large number of security features that are often not properly used, which can pose serious dangers. To establish minimum cybersecurity measures, companies propose raising the score Microsoft assigns to their security configurations to a minimum of 60.
Obtain 100% visibility of network traffic to identify cyber-attacks and anomalies at the earliest stages.
Resilience – Rapid recovery from attacks: Ensure rapid and timely response to cyber-attacks, with support in resolving them.
Efficient management of security alerts: A large number of security alerts are received on a daily basis and this number is growing every year. Implementing automation measures to respond to the most common threats is crucial to properly manage the most advanced threats.
Cloud security: Analysis of vulnerabilities in online applications and support in their resolution. The current situation has forced many entities to adopt cloud-based services quickly and without following the relevant security measures.
Visibility and protection of the entire connected infrastructure, including IoT devices.
Differential value: We detect and identify vulnerabilities from different perspectives, achieving greater visibility than our competitors. After this, combining our experience, automation and support in artificial intelligence, we help in the mitigation, looking for more efficient, agile, cost-effective solutions, and with less impact on the bank’s operations.
Strategic investment: the cost is lower than the return on investment; our preventive services greatly mitigate the risks faced by the bank.
Solutions and services
SIEM / SOAR: implementation of solutions that allow the detection of incidents through the correlation of events from different sources, where it is also possible to automate actions (playbooks) against defined and known patterns of attacks.
Atlantis SOC: threat monitoring from purpose-built operations centers with a presence on two continents. This improves efficiency by avoiding low-productivity night shifts, and distributing the service across two very distant locations minimizes the risk of loss of service caused by possible catastrophes, massive attacks or meteorological situations.
Artificial Intelligence for visibility and protection: Threat and anomaly detection and prioritization solutions are proposed using artificial intelligence to analyze behavior patterns and provide a first response autonomously. Solutions such as Darktrace provide complete visibility of all connected devices and potential risks. To extend this protection to endpoints we use CrowdStrike, which performs AI-supported analysis of behavioral patterns and goes where conventional antivirus systems are unable to go. This makes it one of the only systems capable of protecting end devices against the newest threats.
Pentesting / Ethical hacking: Identification of vulnerabilities (pentesting) that, if exploited, may affect the continuity of operations or lead to fraud.
Anti-fraud: In order to continue protecting all the weak points of the infrastructure, financial institutions need to protect access to their systems through mobile devices, both for employees and customers when accessing online banking apps.
Protection of employees’ mobile devices: employees access corporate resources from these devices. To protect them, we combine Microsoft Intune MDM, which controls device configurations, with UareSAFE, which protects the devices against malware and other threats and provides simple visibility of their security status, all without violating the privacy of end users.
Onboarding protection: One of the biggest challenges for financial institutions has to do with managing user identity by detecting fraudulent access attempts. For this purpose, different solutions are proposed to establish better access controls with an analysis of user behavior, some of which are included among the various M365 cybersecurity products, or solutions for user identification through biometrics such as Selphi or SelphID.
IBM Assurance I (AS400): We accompany entities to identify security risks and support the implementation of security best practices, user management and monitoring.
Integration between solutions: At Sofistic we also integrate Darktrace, CrowdStrike, M365, the SIEMs and other external platforms so that all alerts are unified in a single panel.
of monitored clients have identified incidents with 100% compliance with the defined SLAs - Example: email accounts compromised at different levels.
of customers in the sector are recurring, they are particularly satisfied with the results as they complete the cybersecurity solutions implemented year after year.
Due to the wide variability of attacks and the technological evolution of the latest attacks (offensive artificial intelligence), the sector plans to continue deepening research and the application of new multilevel protection systems with Sofistic.