Compliance
  Governance
  Risk-Management
  Security
Features


< Back

Security : Thought Leader :   :  

Military Level Security for Banks
September 2, 2014 12:00 PM

The existing security standards and best practices are not designed to help companies defend themselves against nation states.

By Philip Lieberman
Philip Lieberman
President
Lieberman Software

The ability to overcome the typical financial defense-in-depth strategy outlined by JPMorgan points to capabilities that go beyond criminal activity and are in the realm of nation state capabilities.  JPMorgan and similar entities employ sufficient technology to protect themselves from criminals, but typically fail to invest enough in technology and process to shield themselves from nation state’s ability to access their systems at will. 

The lesson to be learned is that the financial services sector needs to up its cyber security game to move up from commercial security to military level security.  Most banks are focused on obtaining passing grades from internal and government cyber security auditors, but fail to place enough emphasis on the real and constant threats from the outside.
 
The takeaway message is that most of the financial services sector has little to no protection from nation state attacks and is not willing to spend the money to protect themselves, nor do they have senior leadership capable of redesigning their organizations for secure operation against nation states.  The USA financial sector has much better security than other areas of the world by far, but without significant rethinking and redesign, it will struggle to survive against nation states.  

The existing security standards and best practices are not designed to help companies defend themselves against nation states.  That is not say that companies are not operating at a level capable of defending themselves against nation states, only that the official best practices and standards provide little guidance or requirements that would lead to a company surviving an attack.

 





Philip Lieberman
President
Lieberman Software

Philip Lieberman, noted cybersecurity expert and founder/president of Lieberman Software, has more than 30 years of experience in the software industry. In addition to his proficiency as a software engineer, Lieberman developed the first products for the privileged identity management space, and continues to introduce new solutions to resolve the security threat of privileged account credentials.   He is frequently quoted by industry news organizations as well as mainstream media and has published numerous books and articles. 








About Us Editorial

© 2017 Simplex Knowledge Company. All Rights Reserved.   |   TERMS OF USE  |   PRIVACY POLICY