Vigilant has been one of the pioneers in deploying SIEM as a broader management platform, not only for trading fraud, but also for anti-money laundering as well as real-time business intelligence.

How e*Trade Could Have Avoided $1 Million FINRA Fines
Vigilant Makes a Case for Using SIEM for Complex Transaction Monitoring
NEW YORK – January 13, 2009 – Seven-figure fines, such as the one recently levied by FINRA against e*Trade, are increasingly unnecessary. Security information and event management (SIEM) technologies have evolved to the point that – with custom configuration – they can automatically detect suspicious securities transactions. Best practices are evolving that ensure relatively rapid time-to-value for these tools, and less expensive deployment projects.

“Leading financial services companies have paved the way by proving that it’s possible to integrate all the necessary components – network, system and application-layer data sources – to pinpoint potentially illegal or fraudulent activity. And this is not just after-the-fact analysis of the various events that make up a complex transaction, but real-time monitoring and response,” said Joe Magee, CTO of New York-based Vigilant, LLC.

The real-time aspect is critical, says Magee. Although after-the-fact reporting of suspicious transactions may assuage the auditors – as in the case of AML regulations, which generally give companies substantial lead time to report such activity – these reports are of limited value to the business. What’s far more valuable is the ability to tie potential money laundering to immediate detection of illegitimate wire transfers or account takeovers – fraud that can cost millions of dollars in a matter of minutes or hours.

“This,” Magee says, “is the real value of these solutions – along with the peaceful sleep you get when you’ve got what you need to protect your company’s reputation and maintain customer trust. You can’t put a price tag on that.” The ROI becomes even greater if the same base technology is used across the corporate security infrastructure to streamline more routine security operations.

Key to a successful solution is the close involvement of the company’s business analysts – the people who understand exactly what pieces of information must be monitored and correlated to correctly identify anomalous behavior. These details are highly specific to the particular applications and business processes of each company. Incorporating this knowledge base into technology controls that are tailored to the company’s environment is essential for protecting against insider threats. These breaches can cost a company millions of dollars in losses – or billions, in the case of Société Générale – not to mention the unquantifiable damage to company reputation.

Although sectors besides financial services are not yet facing serious financial wrath or public scrutiny for failing to comply with other regulations, such as HIPAA and Sarbanes-Oxley, that time will come. Other industries would do well to heed the warning and follow the example of the financial leaders who have adopted SIEM technology. Since putting solutions in place is not a plug-and-play matter, those companies that get started sooner will sooner find themselves ahead of the curve – and able to not just cover regulatory obligations, but establish automation capabilities that create real competitive advantage.

About Vigilant

Vigilant provides on-site and managed services that help IT security teams better defend and enable today’s dynamic business by refining and extending the security information and event management infrastructure. The company’s pragmatic approach solves today’s urgent security problems, while enabling rapid progress toward longer-term security program objectives. Vigilant empowers customers to more efficiently respond to shifting threats, achieve regulatory compliance, prioritize protection of services that drive revenue and competitive advantage, and measure progress of the overall IT risk management program. Founded in 2003, Vigilant is headquartered in New York and serves a wide range of global and regional organizations whose mission requires them to secure highly sensitive and regulated services.