Security Use Cases by Industry

Use cases are especially prevalent in financial services and healthcare.

To understand the current and future state of the cybersecurity landscape, we spoke to, and received written responses from, 50 security professionals. We asked them, "What are some use cases you’d like to highlight?"

While we covered application use cases in the previous article, here's what they told us about use cases in different industries.

Financial Services

  • 1) A large asset management company secures many trillions of dollars. They have a very complex infrastructure, more than five data centers, two/three public clouds, with virtually every database in the world. All databases need to remain encrypted in the data center and the cloud. We sell appliances to put in the data center to encrypt all on-prem data and operate a SaaS service that provides encryption as a service in the cloud. We provide keys, access patterns, and logs, while access controls remain 100 percent opaque to us. We’ve tied our on-prem and cloud offering together so keys can move from one to the other to achieve interoperability between the environments. Clients don’t have to worry about encryption and key management. 2) We’re also working with a large world top-10 bank that is collaborating with a large telco. Both companies have some customer data and wanted to figure common hypotheses. Do we have similar account holders, the same service users? They didn’t want to share customer data and couldn’t for security reasons. We allowed them to encrypt the data in their own environment, bring it into runtime encryption, and then run queries in runtime encryption and get the results back. They were able to share insights without giving access to the raw data.
  • Data exfiltration, legacy application protection, account takeover, cataloging APIs, API vulnerabilities, and service disruption. 1) We help a financial company automatically and continuously perform a full discovery of all APIs in their application environment to maintain an up-to-date catalog. This helps their security team perform regular risk assessments with the ability to discover new APIs as they’re deployed and an understanding of where APIs are exposing PII and other sensitive data. 2) We help an application provider monitor API usage and identify new APIs as they are deployed in their rapidly changing CI/CD development environment. This has not only provided their security team with more insights into their APIs but has also helped them work with development teams more efficiently.
  • 1) Financial services companies are regulated. They are leveraging Kubernetes for accelerated app delivery. This creates challenges in how to meet test compliance regulation. 2) We help companies migrating to the cloud by delivering and deploying a security platform into the test stage and production environment under best security practices. We help them articulate in a very detailed manner what’s being migrated. This is something that helps them to understand how they end up in the migration stack and gives them a good handle on the entire security practices as a whole.
  • A large US bank is transitioning infrastructure to the cloud. They have a policy of assuming everything they put up is hacked and two weeks later they rebuild from scratch. They pull all logs from all firewalls to a central repository, reconfigure from scratch using templates and APIs. It’s interesting: all of the stuff we tout, this company is doing it all.
  • A large global bank recognized 350,000 endpoints in their environment with a lot of custom applications created in house which they needed to keep up to date. They were performing eight million health checks per day with the platform. They auto-remediated a large number of vulnerabilities without human intervention. This is critical given the dearth of IT security professionals. We’re projected to run 3.5 million people short in cybersecurity by 2021. They needed to automate. We helped them with tools and automation to scan all endpoints on a regular basis, identify what was out of compliance, and remediate wherever possible. We provided flexible tools and products to keep up with the changes. We helped them automate the scans and remediation while having the flexibility to constantly adapt. Formerly they were just able to identify vulnerabilities and fix as many as possible. Now, they prioritize the vulnerabilities and fix as many as quickly as possible as workloads continue to grow.
  • With our solutions and services, customers can strengthen business and security functions. 1) For one large enterprise bank, eliminating the ability for intruders to move laterally through the environment in the event of a breach is critical in reducing data loss. 2) One financial services company has deployed a number of disparate privileged access securing solutions and wanted to standardize enterprise-wide. The leadership team recognized that we were the only vendor who can scale to seamlessly manage, secure, and provide a single point of control across on-premise, hybrid and cloud. 3) A leading technology company picked us over an incumbent vendor to securely implement its digital transformation strategy, which will begin with deployment in the Google cloud platform. 4) A medical device company will be implementing endpoint privileged manager for about 25,000 workstations and 3,000 Windows servers.

Healthcare

  • A large healthcare organization that was using a legacy WAF solution was struggling to manage the constant tuning of security rules. The organization’s global footprint required them to deploy applications multiple times across geographies. As a result, the operational burden on their security teams to maintain and tune protection for the applications was enormous. They wanted a cloud-based solution that enabled them to manage security for all their apps. In addition, they wanted it to be easy to deploy and manage while still delivering detailed information on their overall attack situation. We replaced their legacy WAF with the ThreatX WAF and quickly supported their expansion into the cloud across all their geographies. The customer could leverage dashboards to see which entities were attacking them as well as the applications that were vulnerable to various types of attacks. Once they could see how accurate our solution was and how quickly we could scale up, they expanded their implementation to over 100 applications.
  • Healthcare is extremely worried about their models and ransomware. They understand what the crown jewels are. Unfortunately, these crown jewels are spread across the entire landscape and can end up with weak security. Patient records are key to focus on good hygiene, health records, and patient care. We help clients model the business risk and then the security risk. We train our MSPs to look at the business and coach their clients on reducing risk to a manageable level.

Government/Municipal/Public Safety

  • The government sector was one of the first to adopt cyber range training for their security and defense teams. They made it a team sport with the advantages of working together to avoid gaps that adversaries slip through. They are able to “train as they would fight” in safe environments without compromising the integrity of their actual networks. In doing so, they’ve led the way for commercial businesses to follow suit in such adoption. Academic institutions are using persistent cyber range learning to better prepare their students to enter the cyber workforce. This provides a much needed and effective immersive cybersecurity environment. Coupled with concept-driven curriculum learning, students have the opportunity now to apply their learned concepts in safe training environments to build skills. A few forward-leaning cities are starting to prepare for regional cyber defense, involving public and private industries (i.e., the key terrain for a mayor or governor) in realistic cyber exercises using virtual worlds replicating the cities’ infrastructure. With the advent of massive ransomware attacks, as evidenced in 2018 in Atlanta, this disaster preparedness for a coordinated cyber-attack is none too soon.
  • A major police agency was storing all of their evidence data on our platform. They brought in an outside contractor who lost a bunch of data. Since the data was stored on our platform, the police were able to retrieve their data. Change has occurred in healthcare as well with MRIs and CAT scans now stored in gigabytes of data files. These files need to be stored for many years in a secure archive of medical data.

Retail

  • Shell has 16,000 stores in North America. It’s a large corporate brand most interested in security for their brand. All of the stores are owned by franchisees. They don’t have the same security interest as corporate. Each franchise is running their own systems and devices. The average franchise has 50 stores so they have their own network needs across their footprint. By virtualizing security functions at the store level and the cloud we can meet the needs of corporate and franchisees.

Other

  • Our typical customer is either an MSP white labeling our product or a small or medium-sized business with a limited internal IT department (and little in the way of internal cybersecurity expertise). These businesses need a way to very simply secure their data and often require a partner organization with the expertise to properly manage their data and device security on their behalf, as a managed service.
  • We have a broad range of companies with multiple levels of security concerns in medical, financial, and small shops. Spotify is a good example where security is important -- don’t leak PII private musical perspective. They have a different security perspective. For a lot of companies, the base level they want is pre-deployment scanning of what they are deploying. Make sure the software you are installing doesn’t have a zero-day vulnerability you don’t know about. That’s different from classical security scanning. Before you do a deployment, integrate with tools for a security scan each and every time. Have a process to handle a violation with different processes for different stages.

Here’s who shared their insights:
