Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Zero Trust in financial services

Issue 3 2022 Editor's Choice, Security Services & Risk Management

By Hila Meller, BT vice president, Security, Americas, EMEA and APAC.

When it comes to adopting a Zero Trust approach, many organisations in the financial services sector already have most of the constituent parts required. In fact, we estimate organisations already have between 60-80% of the security building blocks that banking and financial services organisations need to adopt a Zero Trust approach. But moving from existing approaches to a new security model is a challenge. What needs to come next is a change of stance and a unification process to protect their business as they evolve.

In our white paper ‘Why you need to turbo-charge your Zero Trust journey’ (www.securitysa.com/*bt1), we identify eight guiding principles for Zero Trust in banking and financial services.

1. Identify your goal and pull it through your planning

Form your security strategy around the fundamental assumption that you will always be operating a dynamic network in a hostile environment. Centre your thinking around how you can best use automated processes to create security rules that change dynamically in response to context. But remember that automating a broken process is a swift route to failure; make sure you’re training your AI to make correct decisions about risk so it can automate the appropriate response.

2. Assess existing capability before investing in more

Don’t rush to spend money on ‘Zero Trust’ point products because you may be duplicating capability or investing in areas that aren’t a priority for your organisation. Instead, optimise the value you already have in your security estate by establishing what latent capabilities you possess. For example, layer 1, 2 and 3 segmentations along with very narrow access lists could be a fruitful first step on your Zero Trust journey.

3. Focus on removing peer-to-peer protocols

Segmentation is your key defence in a Zero Trust environment, but you won’t be able to segment your network if you’re running peer-to-peer protocols. A vital part of any attacker’s kill chain is the ability to pivot from one host to another, but if you limit their ability to move easily, then you neutralise entire classes of attack. Think about how 5G architectures cut out peer-to-peer connections, forcing every call to go through a central gateway – this model should be your aim.

4. Control access to core assets

Leverage your security investments to secure your cloud and data centre servers, using Zero Trust segmentation to coordinate traffic authorisations across your estate. This needs to be universal so it’s as watertight as possible and servers only accept traffic sent by authorised users. Consider investing in red teaming ethical hacking exercises to check the security of your key assets.

5. Incorporate user identification

Limit your exposure to risks by only opening ports in your environment when they’re needed. Make user identity the first key to access your systems and make sure permissions are revoked as soon as the user logs out.

6. Build in security-by-design to your projects

Investigate how containerisation can be a springboard for your security DevOps, providing a pre-certified and pre-configured software ‘container’ that you can build on to create automation and machine-to-machine application service models. Containerisation is an ideal opportunity to leave waterfall cycles of patching behind, instead offering security that flexes with context.

7. Segment, segment, segment

Introduce micro-segmentation to segregate – and protect – your network at a granular workload level. This will give you the real-time visibility you need, as you monitor application behaviour and connections to understand what is talking to what and to identify risks. It will also give you the level of control you need to improve your breach containment, preventing lateral movement and reducing the blast radius of any attack.

8. Activate your human firewall

Remember the user in all this and make it easy to do the right thing and hard to do the wrong thing. Educating and motivating your workforce to follow protocols and stay vigilant against potential attacks is just as important as any other aspect of your Zero Trust security journey.

When you’re operating in an environment that’s constantly shifting in ways that open up new vulnerabilities, adopting a Zero Trust approach is essential. Getting it right is about extracting and extending value from your existing investments rather than jumping straight into new ones. Once you’ve identified latent capabilities that you can leverage immediately, employing these eight principles will alleviate the challenges of moving to a new security model.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

SABRIC Annual Crime Statistics 2024
News & Events Security Services & Risk Management Residential Estate (Industry)
SABRIC has released its Annual Crime Statistics for 2024, reflecting a significant decline in financial crime losses, but also warning of the growing threat posed by artificial intelligence (AI) in fraud schemes.

Read more...
SA’s private security industry receives multi-million USD investment
News & Events Security Services & Risk Management
South Africa's private security sector has attracted significant international attention, with the world’s largest tactical flashlight manufacturer, Nextorch, announcing a major investment in its local operations, Nextorch Africa.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...
Private fire services becoming the norm?
Technews Publishing SMART Security Solutions Editor's Choice
As the infrastructure and service delivery in many of South Africa’s major cities decline, with a few, limited exceptions, more of the work that should be done by the state has fallen to private companies.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...
IVA AI Pro Visual Gun Detection
Products & Solutions Surveillance Security Services & Risk Management Residential Estate (Industry)
Bosch has announced the launch of the IVA AI Pro Visual Gun Detection analytics based on deep learning. It is designed for automatic detection and classification of people and brandished firearms.

Read more...
IP-based horn loudspeakers
Products & Solutions Surveillance Security Services & Risk Management Residential Estate (Industry)
Bosch has announced the launch of its new IP-based horn loudspeakers and amplifier module: the high-output LHN-UC15L-SIP horn (for long-throw applications), the compact LHN-UC15W-SIP horn (for wide-angle coverage) and the AMN-P15-SIP amplifier module.

Read more...
SMART Estate Security Conference KZN 2025
Arteco Global Africa OneSpace Technologies SMART Security Solutions Technews Publishing Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
May 2025 saw the SMART Security Solutions team heading off to Durban for our annual Estate Security Conference, once again hosted at the Mount Edgecombe Country Club.

Read more...
SSG Holdings acquired by Fidelity Services Group
News & Events Security Services & Risk Management
Fidelity Services Group has successfully acquired a majority shareholding in SSG Holdings. The acquisition builds on Fidelity’s track record of strategic expansion, including previous high-profile acquisitions.

Read more...
Get the AI fundamentals right
Leaderware Editor's Choice Surveillance AI & Data Analytics
Much of the marketing for CCTV AI detection implies the client can just drop the AI into their existing systems and operations, and they will be detecting all criminals and be far more efficient when doing it.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.