Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Third-party organisations could pose security challenge: NAB

Hamish Barwick | May 14, 2013
Relying on third parties for services means the supply chain is a “real threat”, says the bank's head of IT security

National Australia Bank's (NAB) technology transformation is causing an extra security challenge because of the reliance on third-party suppliers, according to the bank's head of IT security services operations, Andrew Dell.

Speaking at Trend Micro's Evolve 2013 conference in Sydney, Dell told delegates that the supply chain is a real threat because of interconnected systems.

"As we work through this [IT] transformation, we have a good handle on our immediate third-party suppliers," he said.

"The challenge is around our providers' providers so we need to have a more mature third-party security assessment methodology."

According to Dell, supply chain security means it needs to find the balance between governance and ensuring itself of the threat posed by connected networks.

He added that banks are investing in security system transformations to stay relevant.

"Historically, we have had the function to play a steady cat and mouse game with cyber criminals and been able to deploy counter measures to manage our online fraud," he said.

However, the rapidly evolving threat landscape means the bank needs to change its security posture.

"Our security strategy must evolve away from observe and response to a dynamic capability that automatically identify malicious activity and takes action in near real time," Dell said.

"It needs to be a flexible platform that allows our cyber crime team to respond to emerging threats."

 

Sign up for Computerworld eNewsletters.