No security offering can totally eliminate network data breaches, but fast detection can prevent a successful attack from becoming a large-scale disaster.
In this regard, network security is starting to look a lot like the physical security banks use in their branches, said Al Pascual, senior analyst for Javelin Strategy & Research.
"You could have the most secure bank in the world with locked doors, three-foot thick fences and gates that come down at night, but they still have an alarm inside of it," Pascual said. "It is very much the same with a network operation. It totally makes sense that solutions are now geared to not necessarily stopping criminals at the gate, but to at least let you know they are there."
Systems that provide a quick alert that a potential attack is in progress will quickly become "a big part of how everyone does business going forward," Pascual added.
Tel Aviv-based Hexadite Inc., which also has an office in San Francisco, is working with banks to install what amounts to an alarm system on their networks. Its automated incident response solution, called Hexadite Airs, provides near real-time remediation when a network gets hacked.
Hexadite Airs takes data from hundreds of attacks and information points to screen all systems in a network, Hexadite CEO Eran Barak said. This data comes from existing cybersecurity detection systems, including security information, data loss prevention, endpoint security, next-generation firewall and antivirus software, and external threat intelligence feeds.
The concept of pooling threat data is not new to the payments industry, but it is often limited to specific product sets. For example, Visa Inc. has had a credit card issuer clearinghouse service in place since the 1980s, but only last year began establishing a similar service for prepaid debit cards.
The frequency and scope of retailer data breaches is requiring companies throughout the payments industry to look for new points of compromise. The 2013 Target Corp. data breach is a noteworthy example because the intruders were able to get in by stealing credentials from the retailer's heating, ventilation and air conditioning provider, Fazio Mechanical Services.
But companies that expand the scope of their network monitoring risk being "overwhelmed by the volume of alerts they receive on a daily basis," Barak said. Hexadite Airs has a fully automated or semi-automated mode that can screen systems suspected of infection and conduct investigations at the same time.
"The system can determine in seconds or minutes whether its client is undergoing a real attack or if it was a false alarm," Barak said.
Hexadite has been speaking with many U.S. card issuers and companies that manage card portfolios in offering security support. The vendor has operated in Israel for 10 years.
All of the current fraud prevention methods, such as tokenization and end-to-end encryption, are effective tools, but an emphasis on fast response to attacks amounts to "preventing an attack before it comes," Barak said.