Like before it becomes a big problem.
Stopping breaches is a noble goal, but one made seemingly unrealistic given the “just in time” learning techniques that today’s sophisticated cybercriminals apply to our financial services and retail systems. Visa and FireEye are joining forces not to stop fraud – as much as they’d love to say they could – but to help issuers and merchants manage the downside risks of a breach by detecting it before it becomes a huge problem.
“A heightened awareness of the types of breaches and types of attacks that are occurring led us to decide we need to partner more to figure out how we can really provide additional coverage and benefits to the ecosystem,” Visa’s SVP of Risk Products and Business Intelligence Mark Nelsen told MPD CEO Karen Webster in a recent interview.
Nelsen recalled the cyber attack aimed at JPMorgan Chase, where hackers gained access to the account information of around 76 million households and 7 million small businesses, as an “eye-opener” to Visa’s executives. The event sparked an increased spotlight on security and a realization of not only the critical nature of security, but also the complexities that surround it, Nelsen added.
“There are a lot of new forms of payments coming out and because of that it opens the door for new types of vulnerabilities and new types of threat actors,” said Rich Stegina, VP of Technology Alliance Partners at FireEye. “Visa and FireEye are coming together with a unified effort to mitigate that risk and lower the time from suspected breach to remediation.”
That “unified effort” will take FireEye’s Community Threat Intelligence (CTI) initiative and enrich it with information gleaned from Visa’s network of 14,500 financial institutions and 40 million merchants – and to deliver access to this new level of threat intelligence in real-time. The goal is to give merchants and issuers the ability to detect breaches quicker so that they can more quickly mobilize responses in order to isolate the threat before it spreads and fraud losses escalate. Both FireEye and Visa plan to bring their own industry expertise and knowledge directly to stakeholders across the payments system.
Stegina told Webster that CTI will have two main offerings, “one looking at data and the other one will be looking at how we make this available to merchants at all levels.” Stegina explained that large merchants tend to have the ability, access and mechanisms to share information related to threat levels but that is lacking at the mid- or lower-sized merchants.
Delivering access will be via cloud-based tools and methodologies that are easy to use, and actionable.
CTI will act as an extension of Visa’s existing portfolio of fraud risk solutions, integrating the intelligence behind the tools FireEye already has in place through its cyber forensics group Mandiant.
Nelsen is hopeful that providing access to financial and payment data, coupled with FireEye’s expertise in servicing the industries most affected by data breach threats, can set the stage for CTI stakeholders to better protect their IT and payment infrastructures.
“We connect to over 14,000 insurers globally and the sophistication of these attacks is just really eye-opening. We know that we need to provide as much intelligence as we can to our global financial institutions,” Nelsen said. “It’s going to be very difficult for each of these FIs to have the adequate controls and technologies in place to really help identify if they’ve been attacked or not. We want to make sure we can provide some additional coverage to the FIs that are growing around the world, so that they are prepared for what’s happening and what’s to come.”