Upon his capture in 1934, the infamous Willie Sutton was asked by FBI agents why he robbed banks. He simply replied \u201cBecause that’s where the money is.\u201d Since then, security threats to financial services organisations have evolved through many disturbing trends. Unlike Sutton who actively sought notoriety, today\u2019s cyber criminals tend to operate in clandestine organisations, often using areas of the internet that can\u2019t be reached by regular search engines. Accessing this hidden network known as the dark web requires specific tools that make visitors virtually untraceable.<\/p>\n
A study by RAND Corporation\u2019s National Security and Research Division1<\/sup> describes the dark web as the \u201cplayground of financially-driven, highly organised and sophisticated groups,\u201d and claims that \u201cthis black market for stolen data can be even more profitable than the illegal drug trade.\u201d But such criminal activity has a high price for the victims. The average total cost for a single data breach is $3.8 million2<\/sup>. Then you need to factor in damage to corporate reputation, loss of customers and business interruption.<\/p>\n In addition, Symantec discovered more than 430 million new pieces of malware in 2015, up 36 percent from the previous year3<\/sup>. Perhaps what\u2019s most frightening is that these figures no longer shock us. Cybercrime has become part of daily life and attacks are reported with such regularity that we\u2019re numb to the sheer volume of threats.<\/p>\n The traditional protect and recover strategy assumes that if a financial organisation is adequately protected, it will never be breached. But as we regularly see on the news, no business is immune. While cyber-attacks continue evolving and become increasingly sophisticated, financial institutions are under mounting pressure. If your organisation is in the crosshairs, it\u2019s not a question of whether the attackers can access your network, it\u2019s a question of how quickly they\u2019ll infiltrate.<\/p>\n Financial institutions fully appreciate that yesterday\u2019s defences won\u2019t stop tomorrow\u2019s attacks. Yet there remains an inherent conservatism across the industry whereby institutions need rock solid reasons to transform \u2013 such as Windows 10, which is by far the most secure Windows product to date. Introducing huge advancements in security and identity protection, it\u2019s specifically designed to combat the rapidly evolving world of cyber security.<\/p>\n In 2014, a Milwaukee, Wisconsin-based cybersecurity firm uncovered an estimated 1.2 billion stolen internet userids and passwords amassed by a Russian crime syndicate from a series of attacks on 420,000 websites4<\/sup>.<\/p>\n Single points of verification no longer have a place in cyber-secure organisations. Even if your employees replace their \u2018favourite pet\u2019 and \u2018first child\u2019s name\u2019 passwords with unique alternatives, savvy hackers will still be able to exploit them. So it\u2019s time to say goodbye to passwords with Windows Hello, which dramatically reduces cost while improving security by enabling simple and integrated log-in via face recognition or fingerprint scanning.<\/p>\n Windows Hello<\/strong><\/p>\n A new approach to certificate-based authentication that supports many multi-factor credential options and reduces implementation and deployment complexity. Windows Hello provides solid two-factor authentication and simplicity for end users. When your employees need to provide more than one factor to access their data, it\u2019s more difficult to impersonate them. A stolen password on its own is no longer enough to gain access, and without the additional physical element, a cybercriminal will be further challenged. If your organisation is using an outdated operating system such as Windows 7, without two-factor authentication, you are leaving your network vulnerable to potential data breaches that can easily be avoided.<\/p>\n Secure Boot and Trusted Boot<\/strong><\/p>\n Secure Boot prevents malicious software applications and unauthorised operating systems from loading during the system start-up process. When Secure Boot verifies that the bootloader is trusted and starts Windows, Trusted Boot protects the rest of the startup process by verifying that all Windows startup components are trustworthy and have integrity.<\/p>\n Device Guard<\/strong><\/p>\n Device Guard allows IT departments to govern what runs on a device using technology proven at mass-market scale on the Xbox One. Apps need to be explicitly signed by a trusted authority before they can be run on a Device Guard-enabled device.<\/p>\n Enterprise Data Protection<\/strong><\/p>\n EDP enables automatic encryption of corporate apps, data, email, website content and other sensitive information as it arrives on the device from corporate network locations. Rather than requiring employees to switch between personal and work containers and apps, EDP offers a better user experience, separating and protecting enterprise apps and data across both company and personal devices without requiring changes in environments or applications.<\/p>\n BitLocker<\/strong><\/p>\n Data on a lost or stolen computer is vulnerable to unauthorised access. BitLocker helps mitigate unauthorised data access by enhancing file and system protections. It also helps render data inaccessible when BitLocker-protected computers are decommissioned or recycled.<\/p>\n Credential Guard<\/strong><\/p>\n One of the key security features available with Windows 10, Credential Guard provides protection against the hacking of domain credentials to prevent hackers from taking over your enterprise networks.<\/p>\n Windows Defender<\/strong><\/p>\n Now your employees can secure their own devices and better understand the protections they have in place. With the Windows Defender Security Center, it\u2019s easy to view and control the security features protecting a Windows 10 device.<\/p>\n Windows Defender Advanced Threat Protection<\/strong><\/p>\n Windows Defender ATP is a new service enabling enterprises to detect, investigate, and respond to advanced attacks on their networks. It adds a new \u2018post-breach\u2019 layer of protection to the Windows 10 security stack. Combining client technology with cloud-based analytics, Windows Defender ATP can detect attackers and threats that have evaded other defences. This will help you to investigate the potential scope of breach using relevant Threat Intelligence and response recommendations.<\/p>\n So long as the Willie Suttons of the digital age target financial organisations, you must continue to strengthen your security services. Making sure your business is using an up-to-date security-focused operating system like Windows 10 makes it significantly more challenging for attackers.<\/p>\n Find out more about Windows 10 security features<\/a><\/p>\nFinancial institutions need a new approach to cyber-security<\/h2>\n
New Windows 10 security features provide powerful protection<\/h2>\n