March 14, 2016 | Security and Risk | John Worrall
If you talked to a brokerage leader 10 years ago, the conversation around cyber security usually focused on achieving compliance. Today, in order to mitigate the risk of attacks, compliance is the beginning, not the end.
It’s imperative to go well beyond compliance, and this is particularly true for online brokerage organizations. Regardless of size, these organizations are natural targets for cyber attackers. Online brokers focus on customer service, and this often extends to keeping usability, accuracy and speed at the core of their transactions. These elements are not only central to the business but also to their product.
Mixing this type of business model with an environment that is always-on and always moving sensitive, high-risk data around multiple systems creates a high-value target for a cyber attacker.
The brokerage industry relies heavily on developers and technology analysts to streamline the customer experience, making sure that their brokerage products scale and provide the most accurate information. As a result, the industry has a larger-than-average IT support and development staff when compared to similar-sized companies within other industries.
The typical operating environment of brokerage organizations creates the following cyber risks:
- Large IT Staff: The larger-than-average IT staff often results in larger-than-average access to high-risk backend systems, applications and data. This access is available to a large array of teams and people, including developers and vendors. To do their jobs, operational staff need as much access as possible to make changes, patch, reboot a server, restart a service, install software and more. This accessibility often leads to a greater chance of compromising high-risk data or stopping a critical service.
- Privileged Access Abundance: Because of the large IT teams and other users that require credentials to complete financial transactions, the modern attacker knows these online brokerage institutions have an abundance of privileged accounts. Once attackers find a way inside the network, they may continue to make lateral moves, escalate privileges and cause damage before they are even detected.
- Wealth of Data: Brokerage applications and systems hold very valuable information, from personal information, to financial trends, to account balances. Access into these systems equates to access into bank accounts, wire transfers and various other monetary transactions.
- Too Much to Track: Online brokerage accounts are based on hundreds if not thousands of automated transactions. These transactions occur at high rates of speed and between various systems. The whole business relies on these transactions occurring at the right time with the right information. This makes it easy for an intruder to cripple the entire system with a minor tweak.
Controlling, monitoring and auditing privileged access is vital to mitigating the risks within brokerage organizations. Brokerage organizations can implement a stringent cyber security platform while continuing to provide customers with a scalable product.
By adding proactive security controls along with detection on what really matters, brokerage organizations can mitigate the risks that stem from their business model and the operating environment that is always-on and always moving sensitive, high-risk data around multiple systems.
To learn more about best practices for protecting privileged accounts, download and read “The Three Phases of Securing Privileged Accounts: A Best Practices Guide.”