Combining and correlating data to meet specific regulatory compliance requirements can prove cumbersome for financial institutions. Combining that data along with real-time threat detection and analysis, and working it into an incident response plan, can prove nearly impossible.
Register for this webinar for insights on:
How to detect, in real-time, a variety of threats by managing logs, events, databases, and applications;
Preparing an incident response plan based on advanced analytics and detailed forensics;
Reducing the manual processes many financial institutions go through when trying to convey compliance with industry regulations;
Unifying compliance and operations using Security Information and Event Management (SIEM)
Compliance and security are often viewed as two distinct challenges that financial services organizations must address. Multiple regulatory compliance requirements, including PCI-DSS, GLBA and SOX, require the monitoring, collection, archiving and analysis of activity logs from computing and network infrastructure. Organizations typically address these requirements with costly and time-consuming manual processes that are able to capture and store the needed data and generate the minimum set of reports needed to satisfy basic compliance mandates.
Automating these processes can provide effective controls that dramatically increase efficiency of the IT staff and enable them, for the first time, to integrate compliance data with other information as part of their threat detection and incident response processes. Combining and correlating additional data like user activity, real-time events, network flows, session information and application layer data provides the added visibility and deep insight to identify the ever-increasing range of threats and malware relentlessly attempting to penetrate the defense in depth architectures of financial institutions.
Advanced security information and event management (SIEM) technology readily addresses both the scheduled monitoring and reporting needs of compliance officers and the real-time analysis and response demands of security operations center analysts. Pragmatic approaches to the implementation and operations of SIEM solutions can quickly bring these powerful solutions on-line and deliver actionable intelligence that reduce risk.
Kostas Georgakopoulos is VP & Head of Information Security at the Bank of China, USA and responsible for developing and implementing security standards, procedures and guidelines in order to effectively protect the Bank's information and systems and address compliance with FFIEC & PCI security standards. Previously, Kostas was the VP of Information Security Governance at Deutsche Bank, New York, where he managed the information security governance program and provided senior management with a clear and concise view of IT risks.
Mel Shakir serves the office of the CTO at NitroSecurity where he brings over 15 years of experience in software development & management, information security and database technologies. He is responsible for developing and implementing NitroSecurity's overall technology vision and roadmap, including next generation application and database security management solutions. Previously, Mel architected and developed advanced database security solutions as CTO of Rippletech, which was acquired by NitroSecurity in 2008.