August 16, 2015 by Asha Barbaschow (c) ZDNet
With an Australian banking customer base including ING Direct and Westpac, Texas-based identity and access management firm SailPoint said that there is an increasingly strong focus on protection from internal attacks.
The biggest security threat facing the Australian banking sector is an internal breach, according to identity and access management (IAM) security firm, SailPoint.
“A lot of security issues trace back to people,” SailPoint vice president of product management Paul Trulove told ZDNet.
“You can put a lot of systems or preventative controls in place but if people don’t do the right thing you can still have the same level of security breaches and exposure financially and reputationally as you would without all of those measures in place.”
SailPoint was founded as a result of a split-off of the team behind the “Gen1” provisioning solution, Waveset Technologies. Waveset was sold to Sun Technologies in 2004 for $136 million, which was then itself sold to Oracle for $5.6 billion in 2009.
With its first product launched in 2007, Trulove said that its Australian customers were as quick, if not quicker, to embrace the identity and governance solution.
“Unlike a lot of US-based companies, we actually started in Australia at the same time we did in the US,” he said. “Within the first year of having the product available, we already had a partner down here that was driving our go-to-market activities, and all of our first customers in Australia were banks.”
In Australia, SailPoint currently looks after the internal security concerns of ING Direct, as well as Westpac, with Trulove confirming the company has most other major banks in Australia as customers.
“One of the things I will tell you about banks, is that they’re sensitive to people declaring the types of solutions they’re using because they don’t necessarily want everybody to know what kind of security they have,” he added.
Trulove said while there are definitely people outside a company that are trying to access things they should not, once a hacker is in, they are generally using an internal account that already exists.
“This is something we have just seen with the Ashley Madison exposure, people will use the same username and password combinations, and those have now been exposed. I’m sure there’s a whole bunch of hackers who have downloaded that database and are trying to figure out where they can use those credentials,” he said.
“The separation I think is important, and training the end users on what you’re doing to secure the enterprise has to be different to what you’re doing to secure your personal life.
“The enterprise does really need to help train and promote password hygiene, and best practises on a regular basis.”
Trulove said that there is always human error, which is why an enterprise needs to always balance protective and detective controls from within. He added that there is a need for an enterprise to have a people focus, and spend time on explaining the importance of internal security, something he said the Australian banking sector is investing time in.
“I think a lot of organisations have moved beyond trying to prevent everything, to being able to react quicker when something does happen; that move from prevention to detection, remediation, and resilience.
“That is now the best practice conversations that we have with our customers as identity experts: ‘Here’s the right way to implement identity, in order to protect the business from these kinds of things’, but then you need to put these detective controls in place to help balance things, so that when something does sneak through, you can at least know about it and then fix it very quickly.”
The world is waking up (slowly) to the Insider Threats and the challenges to Financial Institutions. The InCyber PAS system will predict insider threats with the highest accuracy in the Cyber Security Ind. To find out more about the InCyber PAS system write to firstname.lastname@example.org or Test Drive our system.