Over the past years, the increase of investments in CyberSecurity, as certified by leading national and international Observatories, confirm that IT Security has become (net of Covid-19) the primary concern of Chief Executive Officers.
In this context, financial institutions continue to be an easy prey for CyberCrime. Banks, insurance companies, companies providing digital payments and cryptocurrency platforms are indeed the centre of criminal interest.
As our National Observatory on CyberCrime analysis (Exprivia Threat Intelligence Report, Italy – 3Q2021 italian version) reveals, in these months, the financial sector has shown an upward trend in the overall number of attacks, incidents and privacy breaches.
Meeting this challenge and handling and mitigating Cyber risks requires a holistic approach that strives to achieve true CyberResilience, or rather, ensures the continuity of business services, in any situation whatsoever.
To rise to this challenge, Exprivia offers a suitable combination of CyberSecurity solutions and skills, coordinated within a broad strategic vision.
The key points of Exprivia's CyberSecurity offer follow all the phases defined by the NIST to ensure the mastery of skills in this area; Exprivia develops its offer on the basis of these key points:
- Automation during the Proactive phases (Identify, Protect, Detect).
- Accuracy and Speed of intervention during the Reactive phases (Respond, Recover).
The Key drivers for holistic protection which Expiria offers as regards CyberSecurity are:
- Security Awareness: since people are the weakest link in the chain, a specific culture and awareness should be spread through training and the use of tools for recording their levels.
- Omnichannel EndPoint Protection (EPP) with Fraud Management solutions, access protection via devices and EDR/XDR. This also includes the wide domain of IOT Security, where Exprivia plays a significant role since it is one of the few players authorised to issue device certifications.
- Network protection with services and solutions ranging from SIEM and SOAR to behavioural analysis platforms (A.I. Based). Some of these also cover the subsequent elements of the stack, specified below.
- Infrastructure protection with Microsegmentation and access control via IAM/PAM tools.
- Protection of Applications, approaches include Secure Development and Vulnerability Assessment and Penetration Tests (VA-PT), including Remediation; IAM/PAM domain.
- Data Protection, from loss of data (DLP) to unauthorised access, with solutions for GDPR and other regulations.