In meetings with large financial institutions, the single biggest thing we keep hearing about is the need to simplify and consolidate their security infrastructure. As financial services has evolved from person-to-person transactions to a fully digital business model, the industry’s networks have evolved as well, becoming increasingly complex and more difficult to defend. During this evolution, as new threats have emerged, financial organizations have gone out and purchased a host of different security products, often from different vendors, as part of their overall security infrastructure. There is a realization now that there may have been some over-purchasing.
Many of Fortinet’s large financial services customers have as many as 40 or more different security vendors inside their networks. They often have multiple firewalls, antivirus tools, intrusion detection and intrusion prevention systems (IDS/IPS), web application firewalls (WAF), advanced threat protection tools like sandboxes, and more. All of these products have separate management systems, often with limited connectivity. These interoperability challenges can hamper efforts to share cyber threat information across and between networks and frustrate attempts to respond to threats in a timely manner.
That is not to say that all your security products must come from a single vendor. Even large security vendors that sell a broad portfolio of security solutions don’t provide all the pieces needed to deliver true security effectiveness. Financial services organizations also gravitate towards best-of-breed solutions for each security issue they face, which results in multiple vendors in their security environment.
Regardless of the number of different vendors, companies need to do some real analysis of their security infrastructure to determine whether all of these devices are even necessary. What organizations are finding is that many of these products are duplicative, adding complexity without adding any security.
For a lot of financial services organizations, the key to better security moving forward is actually going to be to own fewer devices, but to also do a better job of integrating them. Essential to that integration is a cooperative security fabric that ties all your devices together, using a common communications and intelligence framework to enable communication between multiple vendor security systems. The benefits of this consolidation and integration are numerous.
With so many different security products, organizations often end up with overlapping and conflicting security policies. One of your devices is telling you to do one thing, while another device is telling you to do something else, and the two could end up canceling each other out. What you have then are devices that are set up to secure the environment, but which are actually making it less secure. Unifying solutions within a security fabric simplifies the management and orchestration of security tools and policies to avoid these types of conflicts.
Managing so many different security devices can be a nightmare for your security team, but at the end of the day, they are still expected to make it all work. These folks know that this kind of complexity only hinders security effectiveness. It can take days to update protection on all devices against a new piece of malware. Adds, moves, and changes to security devices can take weeks, with lots of manual intervention to re-implement policy and ensure consistent compliance. The idea of easing the management workload with fewer different security devices and management panes, and an integrated security fabric that allows you to automate security changes to flow through your network, is very appealing to the people on the technology side of the house.
Cost savings as a benefit of consolidation may not be at the top of people’s minds for a simple reason: they’ve already made the security purchase. If it's hardware-based, they've bought the appliance. If it's software-based, they've purchased the license. It’s not like you can return them, right? But what is often overlooked is that the cost of a security product doesn’t end at the purchase; much of it comes from the ongoing maintenance and service renewals. Once you’ve consolidated and eliminated the need for a product, you can also put an end to the renewal and service expenditures that go along with it.
Perhaps the biggest issue with so many disparate security technologies is how difficult it is to know if you truly have 100% visibility across your entire network. A huge challenge for financial services organizations is simply sifting through all the various reporting tools and management consoles to try and get a unified view of what is happening. This is why sophisticated threats often persist inside a network for months before being detected.
Consolidating within a cooperative security fabric allows for a single management platform to monitor, manage, and orchestrate solutions across the entire distributed network. Such an integrated system can automate the processing and analysis of threat information from many different sources, and can quickly identify and react to network security threats. It can even automate the identification, isolation, and analysis of suspicious files. All of this, if done manually, is extremely labor-intensive and time-consuming.
As financial services organizations continue to transform, so will their networks and security needs. To keep up with the increasingly sophisticated and complex attacks of today’s cybercriminals, many financial services organizations need to simplify. By paring down unnecessary, redundant security devices and integrating what remains within a single unified system, financial organizations can make their cybersecurity solutions more effective than ever.