When it comes to advanced threat response, most financial institutions say their current abilities are average. Only one-third say automation is crucial to how they identify and respond to threats. This ebook is developed from a recent survey and related panel discussion of APAC and ANZ experts who analyze the state of security automation in financial services, the need for seamless integration and interoperability with the tools and technology stack, and a well-orchestrated approach that helps detect, respond to and remediate threats.
Attacks can be damaging as threat actors gain access and move laterally through your systems, collect data in a central location and then encrypt it and send it out of your environment, says Leonard Kleinman, field CTO and evangelist in JAPAC for Palo Alto Networks' Cortex, an integrated suite of AI-driven, intelligent products for the security operations center. "When you understand those behaviors, you can start to use automation through a playbook that identifies and looks for those types of behavioral activity that allow organizations to identify cybercrimes as they happen," Kleinman says.
Ian Lim, field chief security officer in JAPAC for Palo Alto Networks, warns that attackers are applying multiple stages of automation to their techniques. "While the attackers are automating stage one, we are fighting manually," Lim says. "Automation should be implemented in stage one when a lot of these initial alerts that you're drowning in need to be orchestrated and automated, so that we can focus on threats."
To implement advanced automation, Shivkumar Pandey, group chief information security officer for the Bombay Stock Exchange, recommends focusing on four critical parameters - integration, identifying repetitive incidents, scale and resources. "Automation is a journey, and the first thing to automate is L1, which is to identify repetitive incidents and automate the process to respond faster," Pandey says.
Explore this ebook to learn more about the video interview with Information Security Media Group, in which these experts discuss the findings of a recent survey with Palo Alto Networks and Accenture and how to:
- Automate security controls to deliver visibility and monitoring across the entire infrastructure;
- Use automation to reduce supply chain and other forms of risk;
- Take a practical approach to implementation to improve operational efficiency, reduce incident response times and streamline processes.