bankingciooutlook

Praesidio: Redefining Secure Banking on the Cloud

Sean Cassidy, CTO, PraesidioSean Cassidy, CTO In the age of cloud computing and the hyper-connected consumers, the security concerns of a bank in particular weigh heavier than any other corporation. Being the keepers of a country's most sensitive financial data, matters relating primarily to security loom ominously over a majority of CIOs in the banking sector and the common thread of apprehension binds them at the very name of cloud-based services. Ironically, what most banks fail to understand is that portions of their business—such as the website and third party transactions are already in the cloud. In such a scenario, what the banking sector requires is a secure cloud option which will allow them to extract the advantages surrounding cost and flexibility, as opposed to negating the idea of cloud completely. What also takes precedence is choosing the right cybersecurity solution from the myriad of solutions in the market.

Perceiving a gaping need for a competent cloud-based cybersecurity management solution, Praesidio is one of the first few companies that devised a class-defining cybersecurity solution exclusively for community banks and mid-sized financial institutions. “Before Praesidio, there wasn’t a cloud-based cybersecurity solution that included network monitoring, incident response workflow, policy governance, and real-time analytics into a single solution,” asserts Sean Cassidy, CTO, Praesidio. Designed by financial security experts, the company’s built-in compliance tools link a client's policies to system alerts that help define, enforce, and report on security policies. “Our vision is to create a community where we can invite banking and IT security professionals to join like-minded peers in a common goal of stopping cybercriminals,” remarks Cassidy.

Optimized Support for Financial Institutions

Countering obsolete solutions that still struggle with query speed issues and data storage cost constraints, Praesidio leverages the latest Java Virtual Machine (JVM) technology and clustered database storage to allow banks to monitor 100 percent of their network in real-time. Praesidio is the first company to combine policy governance, log aggregation, alerting, incident management workflow, asset management, and support from a Security Operations Center (SOC) team into one solution. “We believe that a seamless solution that integrates all of these tasks is the key to truly securing a financial institution,” remarks Cassidy.

Working in line with a bank’s other security solutions, network devices and applications, the Praesidio platform aggregates the events happening across the entire network to provide a single set of optics that reflect on the health and security of a bank’s network. “All logs are sent to a virtual appliance located on the bank’s network, and from there the logs are routed to Praesidio,” explains Cassidy.

Every Praesidio customer has their own virtual private cloud, which is more secure than an on premise solution. They can also avail Big Data processing power for actionable, real-time analytics. The system does not collect any Personally Identifiable Information (PII) and all the data is sent to the customer’s virtual private cloud. This straightforward approach accelerates the deployment process of the solution to a matter of days from months.
Delivering Complete Network Management

Build to simplify IT security activity so that C-level executives can channel their time into investigating and remediating true threats, Praesidio bridges the gap between IT and governance through real-time insights.

For example, the platform not only allows clients to track whether the bank’s policies were violated but also offers automatic alerts as a reminder when incidents are unresolved within a specific timeframe—all viewable on an easy-to-use dashboard. Another core feature of the solution is its in-depth functionality in the areas of known and unknown threats.

“We are creating a revolution with ThreatMatch. We match what happens on your network with a curated list of known threat sources; some of which are specific to the financial organizations,” says Cassidy. If a new threat source is identified, Praesidio goes back a minimum of 13 months to make sure that the IP address has not been inside a client’s network. “This is only possible as a result of our cloud infrastructure which allows us to do lightning-fast look-back queries,” adds the CTO.

This infrastructure also enables Praesidio to rapidly innovate and build out new features or functions. The company delves deep in the areas of detecting unknown threats through their anomaly detection technology called PatternScout, which detects threats through machine learning algorithms before they are identified by traditional signature-based systems. PatternScout allows a user to spot questionable occurrences in a network, using behavior-based pattern recognition from past data.

This amalgam of enhanced governance insight, analytics-driven security and operational intelligence delivered by the company is offered to customers at a fraction of a cost when compared to the expenses spent in building in-house software. “Given a situation where a company does manage to consolidate a security solution, challenges that require maintenance and support from security experts are bound to surface,” states Cassidy.

The company's Guardian team not only offers 24/7 support, but follows a structured approach to on-boarding with security experts who hold a deep understanding of the challenges confronting financial institutions, specifically community banks. “As community banks are smaller in size, Guardian poses as the source of security advice, and over time our service becomes a force multiplier for the client.”

In the case of Praesidio customer, Live Oak Bank, the client required enhanced visibility into all areas of its network, in order to support company-wide security and operational activities.

With multiple point solutions, Live Oak needed a way to consolidate and interpret large, disparate sets of event data for a more streamlined system. Live Oak was using a data management platform called Splunk which was not designed in accordance to their needs. On adopting the Praesidio’s solution, Live Oak could aggregate all logs and event data together into one analysis engine that enabled advanced searching and incident management. With regards to intelligence, Praesidio’s solution for Live Oak helped the company to better utilize their IP reputation engines and reports across the entire organization, regardless of location.

Executive dashboards also made it easy to capture search logic and present it graphically for easier interpretation. From the point of view of compliance, the Praesidio solution made possible actionable tracking of company-wide incident management for quick and efficient reporting to state and federal regulatory agencies. Since the deployment of the Praesidio solution, Live Oak’s incident response increased exponentially while scalability and data collection improved by 100 percent. Overall, the company saw a 50–60 percent improvement in their internal process workflow and incident discovery.


Our vision is to create a community where we can invite banking and IT security professionals to join like-minded peers in a common goal of stopping cybercriminals


Not Compromising on Cutting-Edge Solutions
Moving ahead, Praesidio will continue to enhance their solutions in accordance to technology trends and market demands. According to a current PwC U.S. State of Cybercrime Survey, 74 percent of organizations say that they lack capable personnel in their staff who can address cyber risks with the appropriate solution.

These statistics emphasize on a need for state-of-the art cybersecurity solutions, given the evolutionary nature of cyber attacks. Capitalizing on the necessity for a competent array of cybersecurity solutions, Praesidio plans on adding innovative features to their solutions that will help combat the attack vectors that cybercriminals are resorting to.

The company will also expand their engineering, sales team, and customer base. “In the near future, we are going to invest specifically in the scalability of our solution along with cloud services to complement our existing technology suite,” informs Cassidy. Coupling their progressive advancements with a vision to eradicate cybercrime completely, Praesidio truly emerges today as the one stop shop for cybersecurity solutions and an IT hero in securing banks and financial institutions.

- Sandeepa Majumdar
    November 02, 2015