Last week, Striim brought their financial services security offerings to the Financial Services Information Sharing and Analysis Center (FS-ISAC) Fall Summit, the only industry forum for collaboration on critical security threats facing the global financial services sector. Leading security experts and professionals gathered for three days to share case studies, discuss modern threats facing their business, and network within the community.
As financial services security infrastructure becomes more susceptible to intrusions due to the evolution of security threats and the growing number of entry points, Striim signed on to the conference to demonstrate how Striim’s streaming data integration capabilities is enhancing how organizations detect and alert on potential threats.
In support of FS-ISAC, we posted a blog post, “Real-Time Enterprise Security Analysis with Streaming Integration,” highlighting how Striim’s core capabilities around financial services security complements current enterprise security solutions so that security analysts can make critical, data-driven decisions in real time.
Based on our conversations with attendees and other vendors over the three days, below are four key takeaways from FS-ISAC:
- Thinking beyond traditional SIEM platforms: A vast majority of the attendees we spoke with unanimously agreed that traditional SIEM platforms are simply not good enough, especially when it comes to separating signal from noise amidst security events. In explaining our platform, most attendees saw immense value in using Striim in-front of the SIEM platforms to filter and correlate data from third party vendors (e.g. Threat Intelligence Providers).
- SIEM platforms are getting expensive: In addition to the upfront costs, the consumption-based pricing of many SIEM platforms is leading to spiraling costs. Using Striim, the unexpected costs can be controlled as our platform can filter and route the high volume and velocity data into appropriate targets—routing true signals into SIEM platforms, and noise into cheaper storage that can be referenced for compliance and other investigations when required.
- Integrations, Integrations and More Integrations: We learned that, in the realm of financial services security solutions, having a successful cybersecurity strategy involves integrations with various types of security vendors including Threat Intelligence Platform (TIP) vendors, who primarily aggregate, normalize, and enrich threat feeds from a variety of sources, as well as Security Orchestration, Automation, and Response (SOAR) vendors. Integrations with these vendors enhances the potential of offloading of real-time security operations from traditional SIEM platforms. Striim’s strength in integration with heterogeneous external sources and targets is highly valuable when integrating with TIPs for getting the latest reference threat data (e.g. blacklist IPs) and integrating with SOARs for real-time alerting and automation.
- More Trust in the Cloud: Historically, moving to the cloud had often been met with doubt and uncertainty in the ability to keep private – particularly financial – information safe and secure. Compared to previous security events we’ve attended, we noticed an uptick in the number of sessions there were regarding how to securely move to a cloud environment. Sessions included case studies on a successful move to the cloud, what you should be asking cloud providers, and how cloud computing can offer stronger controls and better threat management than most traditional tools and environments. Striim is a leader in secure movement of on-premises data to cloud environments, enabling in-flight enrichment of data streams with data masking algorithms.
This year’s FS-ISAC Fall Summit was an enormous success, and Striim was proud to be a part of it. To learn more about how Striim can help organizations enhance the analysis of their financial services security data, please visit our “Enterprise Security” solutions page, schedule a demo with a Striim technologist, or download a free trial of the platform.