Dynatrace, an observability and security solutions company listed on New York Stock Exchange, has said that financial services organisations receive more than 2,200 alerts on potential application security vulnerabilities every month. About 33 per cent of them receive such messages every day, causing a concern for Chief Information Security Officers (CISOs).
Security teams at financial institutions are being bombarded with many alerts, many of which are false positives, duplicates, or low priority.
“As many as 74 per cent of CISOs agree that the volume of alerts makes it challenging to prioritise vulnerabilities based on risk and impact,” it said in a report – Global CISO Regional Bank 2023 Report.
The report says there is an urgent need for organisations to deploy advanced runtime vulnerability management solutions to fortify the existing security framework of financial institutions.
This report is based on a global survey of 325 CISOs, working for large financial services enterprises with more than 1,000 employees. It was conducted in countries like the U.S., U.K., France, Germany, Spain, Italy, the Nordics, the West Asia, Australia, India, Singapore, Malaysia, Brazil, and Mexico.
Mounting challenges
“Driven by customer demand, regional banks are increasingly incorporating dynamic multi-cloud environments, cloud-native architectures, and open-source code libraries that are further accompanied by mounting challenges in managing and mitigating risks throughout the development lifecycle, like the Log4j vulnerability in 2021,” it pointed out.
About 76 per cent of CISOs in the financial services sector believe that despite having a robust, multi-layered security posture, gaps still allow vulnerabilities into production.
“Even though 58 per cent of financial services organisations have layered cybersecurity frameworks with five or more different types of security solutions, only 6 per cent have real-time visibility into runtime vulnerabilities,” it said.
“As regional banks navigate evolving customer demands and embrace cutting-edge technologies, the challenge lies in securing digital innovation without compromise. This can only be achieved by continuous runtime vulnerability management by converging observability and security solutions together,” Subbu Subramanian, Country Director- India, Dynatrace, said.
Published on November 6, 2023
