NIST Guidance for Financial Services: Protecting Privileged Access is a Business Imperative

January 24, 2019 Katie Curtin-Mestre

Success in today’s financial services market means constantly innovating to meet evolving customer expectations, such as enhanced personalization, mobile banking and cloud-based digital service options. Yet digital disruption and deeper customer engagement mean financial institutions must rely on a broader ecosystem of vendors, partners and disparate internal teams and systems. This results in a host of new privileged users and applications that have access to the organization’s information systems and proprietary information.

Both external attackers and internal malicious actors seeking to compromise financial systems understand this and have focused their efforts on privileged credentials.

New NIST Guidance on Managing Privileged Access
To help the financial sector harden defenses against cyberattacks and privileged credential misuse while continuing to drive digital transformation initiatives, the National Institute of Standards and Technology (NIST) recently released draft guidance on “Privileged Account Management for the Financial Services Sector.” The publication – available in its entirety here – outlines a robust reference design illustrating how financial institutions can implement a comprehensive privileged access management (PAM) system to effectively secure, manage, control and audit privileged accounts.

A worthwhile and informative read, the piece comprises practical guidance and common use-case scenarios to help financial services organizations overcome PAM security challenges and:
• Identify vulnerabilities and risk factors within their environment
• Limit the opportunity for a successful attack by improving control over privileged accounts
• Improve efficiencies by reducing the complexity associated with managing privileged accounts
• Minimize the damage that results from misuse and mistakes by internal/external actors
• Automate enforcement of existing access policies
• Simplify compliance by producing automated reports and documentation

Safeguard Stronger Customer Engagement with CyberArk
The need to innovate means financial services organizations continue to expand and evolve. However, this agility needs to be anchored by a comprehensive, time-tested and proven PAM solution. Used by 21 of the top 25 financial organizations worldwide and consistently recognized by top analysts as a market leader, the CyberArk Privileged Access Security Solution is the only solution that can detect and prevent privileged attacks across on-premises, cloud and DevOps environments.

Discover how to capture new opportunities without jeopardizing brand reputation or regulatory compliance by downloading our industry brief, running a cost-free network scan to uncover potential sources of risk or engaging the CyberArk Red Team to test your organization’s ability to effectively defend against cyberattacks.

Previous Article
Real Substance on Privileged Access in DevOps and Cloud
Real Substance on Privileged Access in DevOps and Cloud

If you share a generation with me (which is, uh, old), then you likely will remember those great Wendy’s TV...

Next Article
Stop the Presses: Ryuk Holds LA Times for Ransom
Stop the Presses: Ryuk Holds LA Times for Ransom

Learn about the malware attack that disrupted the nationwide distribution of major newspapers affiliated wi...