Double Your Threat Blocking in 90 Days
April 13, 2022
More sophisticated threats, tighter budgets, and increasing scrutiny from the boardroom and regulators mean that it is vital for security teams in the financial services sector to achieve the best possible return from their cyber security spending.
Read this blog to learn how The Picus Complete Security Validation Platform is enabling banks and other financial firms to maximize the value of their investments and reduce the number of person-days required to do so.
Financial services firms invest millions of dollars in their cyber security every year and are amongst the most resilient organizations in the world. Despite this, many still find it hard to measure the ongoing effectiveness of their security programs and understand if the security controls they leverage deliver both the protection and value expected.
According to a report by Boston Consulting Group, financial institutions are 300 times as likely to be targeted by a cyberattack as other companies. Given this high level of risk, it’s essential that security teams working for firms in the sector maximize the protection that they receive from their controls and ensure that new investments are focused in the most appropriate areas.
The need to demonstrate the effectiveness and impact of security spending is also more important now that security is widely recognized as a business-level concern and that compliance mandates are ever tighter.
Only a quarter of organizations can quantify in financial terms the effectiveness of their cybersecurity spending
To get the best return from their investments, financial firms must be able to measure the effectiveness of their controls on an ongoing basis. Unfortunately, however, the types of indicators that organizations often rely on to gauge performance can paint a misleading picture.
Some of the most common metrics used to assess the effectiveness of security controls include:
Volume of alerts
% of false positives
Mean time to detect (MTTD) threats
Mean time to respond (MTTR) to threats
In most cases, the risks that security professionals fear the most are the ones they don’t know about. So, while the total number of alerts a tool generates, for example, may provide some value in helping to assess performance against known threats, such a figure cannot be used to validate capabilities to identify ‘unknown unknowns’ - the threats that haven’t been alerted on.
Data integrity is another issue that can hold financial firms back from accurately measuring the effectiveness of their investments. Due to an organization’s size and the amount of data in need of processing, it can be challenging to aggregate the metrics required and ensure that information is up-to-date.
The large number of security tools that organizations use can also compound the problem of obtaining reliable metrics. Many solutions are not designed to be part of an ecosystem and output data in different ways. This also makes it difficult to assess the effectiveness of controls holistically and analyze information via one centralized view.
Over half of security experts lack confidence that cyber spending is aligned to the most significant risks that their organizations face or will face.
Obtaining the insights needed to assess the effectiveness of security investments accurately is one thing, but they also need to be applied. The tasks that security teams must perform to ensure that their controls work effectively include:
Ensuring that they are fed the right security logs and telemetry
Developing detection rules to alert on adversary behaviors
Testing and updating rulesets to ensure they remain effective
Mapping threat coverage to frameworks such as MITRE ATT&CK
Keeping controls tuned remains a significant challenge, even for financial services organizations with large security teams.
According to analysis by Picus Security, it takes an experienced engineer an average of seven hours to develop a single detection rule for a SIEM tool. When you consider that to achieve broad threat coverage and visibility, organizations must implement hundreds of rules, it’s easy to understand why many simply aren’t able to find the time and resources required to keep up with prevention and detection engineering processes.
On average, a quarter of an organization’s SIEM rules are broken and will never trigger
Security Control Validation (SCV) enables organizations in the financial sector to get the best from their security investments by validating, measuring and helping to optimize the performance of their controls continuously, 24/7.
The Picus Complete Security Validation Platform simulates thousands of real-world threats, including key threats facing financial services firms, to assess threat prevention and detection capabilities. It also supplies actionable mitigation insights, plus signatures and correlation rules, to help address security gaps more swiftly and effectively.
By calculating an overall security score for deployed technologies, both individually and collectively, The Picus Platform enables security leaders to understand organizations’ threat readiness, measure improvements and maximize value.
With The Picus Platform:
View real-time metrics to measure the performance of controls, track the impact of improvements and demonstrate ongoing value.
Optimize toolsets more effectively
Clearly understand where controls are failing and mitigate weaknesses more swiftly and effectively.
Decrease time to value
Get the best protection from security controls as early as possible by reducing the time to configure, tune and test them.
Remove unnecessary or underperforming tools by understanding where there is an overlap in coverage and capabilities.
Automate manual tasks
Reduce the time it takes to conduct otherwise time-consuming processes and achieve greater impact for less effort.
By automating otherwise manual and time-consuming assessment, mitigation and reporting processes, The Picus Platform helps organizations in the financial sector to enhance cyber resilience and improve the efficiency of security operations.
Based upon in-house data, Picus Security estimates that it takes one experienced security professional an average of two days to research, analyze and develop the necessary mitigations required to address a single threat.
On the assumption that over 2,500 new threats emerge annually (the number of threats added to The Picus Platform’s threat library in 2021), Picus estimates that organizations leveraging our platform stand to save approximately 5,000 working days annually - the equivalent of 20 security professionals working full time every year.
Across the globe, The Picus Complete Security Validation Platform is used by leading financial institutions to enhance cyber resilience.
To learn why ING Bank describes our solution as a ‘game-changer’, please feel free to reach out for more information or request a demonstration.