Financial Networks and the Need for Network Forensics
Financial organizations are the principal targets for hackers, organized crime, and cybercriminals - and the increased sophistication and sheer numbers of their attacks have repeatedly demonstrated their ability to find and exploit vulnerabilities. As a result, even the best-defended networks continue to be penetrated. Financial organizations must be prepared to respond swiftly and mitigate any security breach. Although the financial industry diligently deploys leading edge security technologies and products, there is no way to foresee every possible system vulnerability, or to defend against every possible attack. Critical systems will continue to be breached, and financial organizations of all sizes need to prepare for these attacks by having a forensic record of what happened on the network. This will allow network defenders to easily see if newly discovered vulnerabilities have already been exploited, quickly contain successful attacks, rapidly mitigate damages, and do a better job preventing the same exploits from happening again.
Challenge
Commercial banks, credit unions, savings and loans, brokerage firms, insurance companies, and other financial institutions have unique cybersecurity challenges. Not only are these organizations on the front lines in the battle for computer security, they are members of one of the most heavily regulated industries in existence.
Numerous laws and initiatives such as the Gramm-Leach-Bliley Act (GLBA), the Sarbanes-Oxley Act (SOX), Senate Bill 1350 and California 1386, Basel II, and many others continue to affect and change the way organizations manage and protect critical information. These regulations require that IT management establish controls to ensure security and compliance. This includes controls over program changes, access to programs, computer operations and application controls. Organizations must also be able to monitor, audit and provide proof of compliance with the regulations.
Furthermore, regulations such as Senate Bill 1350, CA-1386 and similar bills in most states require that individuals be notified if there is reason to believe that their personal data has been compromised.
Network Forensics - The Solution
Unfortunately, in the past there has been no way to cost-effectively record what is happening on an organization's network. It has been extremely difficult, if not impossible, to determine the extent of damages from a security breach, and therefore to know which or how many individuals have had their data stolen.
Proving compliance with the various regulations has also been difficult. Although it's relatively easy to show that a control is in place, showing that the control is effective, and that no sensitive data has been accessed or has traversed the network in an unauthorized manner, has been very difficult.
Products from Solera Networks solve these problems. Everything that happens on the network is captured and saved by Solera DS Forensics Appliances. Every data packet or session can be replayed and viewed by security analysts or business executives. They can learn who is logging in, what processes are started, what files are accessed, modified, or transmitted, all within seconds of their occurrence. Attacks can be replayed to learn precisely what happened and to determine the true scope of a breach and the extent of the damages.
Implementing Network Forensics from Solera Networks enables financial organizations to be in full compliance with the latest and most stringent requirements. More importantly, it helps the organization protect the valuable assets that are critical to the viability of their business.
Problem:
A serious network outage occurs in the fiber ring of a data center storage network for a major trading network, and all access to the data center's storage network is shut down. Transactions aren't being stored.
Solution:
The company has a Solera Networks appliance deployed in front of the data center storage network in conjunction with high-availability application clusters. The applications are still serving client requests and all network traffic (transaction archives) going to the data center storage network is buffered and queued for 20 minutes while the data center is brought back online. All network transactions are then streamed into the data center storage network.
Result:
No transactions were lost, and all were processed with the proper timestamp, saving millions of dollars.
Problem:
The Sarbanes-Oxley Act (SOX) requires that IT management establish controls to ensure compliance. This includes controls over program changes, access to programs, computer operations and application controls. Organizations must be able to monitor, audit and provide proof of compliance with communication and reporting regulations.
Solution:
With a Solera Networks appliance in place, IT and security personnel can create a historical record of electronic communication and all network traffic between corporate executives, accounting institutions and other parties involved. Simply establishing awareness of this practice helps ensure voluntary compliance with regulations.
Result:
Knowing that all communication and network transactions are recorded improves the probability of compliance. In the event of an external audit, the historical record provides proof of compliance or evidence to take disciplinary action, if needed.
Problem:
A customer calls a bank claiming that their identity has been stolen (they know this because unauthorized money transfers appear in their account history). The bank looks at the transaction records and the web application logs and sees that the customer logged in using the proper account info and password. The customer still disputes having originated the transactions. How do you find out who is right, the bank or the customer?
Solution:
The bank replays the historical record of web sessions using the Solera Networks appliance and discovers that the MAC address of the requestor is not consistent with the MAC address of the customer's machine. The money transfer is rolled back and the customer is happy; the bank moves to investigate the fraud further and uses the historical record as evidence for prosecution.
Result:
The customer is happy and the culprit is identified and prosecuted.


