Dynatrace, a unified platform for observability and security, in its Global CISO Regional Bank 2023 Report, said that a majority of chief information security officers (CISOs) in the financial services sector experience gaps that allow vulnerabilities into production despite having a multilayered security posture.
The report said that 76 per cent of CISOs polled witnessed the aforementioned challenge. It noted that around 58 per cent of financial services organisations have a layered cybersecurity posture, supported by five or more different types of security solutions.
“As regional banks navigate evolving customer demands and embrace cutting-edge technologies, the challenge lies in securing digital innovation without compromise. This can only be achieved by continuous runtime vulnerability management by converging observability and security solutions together,” said Subbu Subramanian, Country Director - India, Dynatrace.
The report added that current security solutions lack the runtime context which can differentiate between a minor and a major risk, resulting in false positive, duplicate, or low priority alerts. This may burden the system to prioritise vulnerabilities.
“Financial services organisations receive more than 2,200 alerts to potential application security vulnerabilities each month. Close to 74 per cent of CISOs agree that the volume of alerts makes it challenging to prioritise vulnerabilities based on risk and impact,” the report stated.
The report polled 325 CISO participants, which included respondents from the U.S., U.K., France, Germany, Spain, Italy, the Nordics, the Middle East, Australia, India, Singapore, Malaysia, Brazil, and Mexico.