Security News > 2023 > September > Why more security doesn’t mean more effective compliance
For financial institutions, the way to do so is not necessarily by investing in new security tools; it's by getting more value from existing technology through automated monitoring and optimization.
Beyond the direct hit to impacted businesses, there's a more acute risk that makes governments and regulators nervous: A serious attack on the banking system could have a debilitating impact on national and economic security.
These include more rigorous and expansive requirements around multi-factor authentication, monitoring and filtering of email and internet traffic, user education, incident response plans, penetration testing, application security and annual risk assessment.
It is security controls like endpoint detection and response or data loss prevention that ensure organizations can enforce their carefully devised security policies, to better manage and minimize cyber risk.
Given their relatively healthy cybersecurity budgets, it may be tempting for financial institutions to react to growing compliance mandates by investing in yet more controls.
They need a more automated way to continuously measure and evidence KPIs and metrics across all security controls.
News URL
https://www.helpnetsecurity.com/2023/09/22/financial-institutions-compliance-requirements/
Related news
- 7 Security and Compliance Tips From ISC2 Security Congress (source)
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- CISOs in 2025: Balancing security, compliance, and accountability (source)
- Navigating the compliance labyrinth: A CSO’s guide to scaling security (source)