Distributed denial-of-service attacks aim to bring portions of a network down by bombarding the network with requests, and U.S. financial institutions have been prime targets, hit by attacks that rendered their websites unavailable to customers.

These five tips can help maintain your financial institution's network and cyber security posture while decreasing the risk and potential collateral damage of DDoS attacks.

Start with the Basic Security Objectives

Financial enterprises should consider implementing controls as they relate to the three main tenets of information security, the CIA triad. These principles are confidentiality, integrity and availability and are the foundation of any information security policy infrastructure.

Confidentiality refers to the safeguarding of sensitive or classified data; integrity refers to keeping the original data unadulterated and intact; and availability refers to the resources and data that need to be continuously available to authorized parties to maintain day-to-day business.

While the CIA triad is important for every network, it is especially vital for the financial sector where classified data can consist of personal information that must be protected due to regulatory compliance.

Implement an Effective Security Information Management Solution

Another early-stage security measure is utilizing a highly effective Security Information Management solution or Security Information and Event Management solution. The exact solution depends largely on the size and needs of your financial enterprise, and both are designed to increase the visibility of telemetry within the enterprise network or on its boundaries.

A SIM solution carries out the collection, storing, alerting and reporting on the data, whereas SIEM solutions combine SIM with a Security Event Management component that processes logs in order to create alerts from connected events.
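
The split described above, as an added example that is not part of the original article: a parsing step normalises raw log lines (the SIM side) and a correlation step raises one alert when many connected events point at a request flood (the SEM side). The log format, host names, addresses and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def constructed_sample():
    """Constructed log lines: 'timestamp source destination status'."""
    base = datetime(2024, 1, 1, 10, 0, 0)
    lines = []
    # Background traffic: one request every 30 s from two clients.
    for i in range(6):
        t = base + timedelta(seconds=30 * i)
        lines.append(f"{t.isoformat()} 192.0.2.{10 + i % 2} portal.example 200")
    # Burst: 40 requests in under 8 s from 8 sources against one host.
    for i in range(40):
        t = base + timedelta(seconds=60, milliseconds=200 * i)
        lines.append(f"{t.isoformat()} 198.51.100.{i % 8} login.example 503")
    return lines

def parse(line):
    """SIM step: normalise a raw line into a structured, storable event."""
    ts, src, dst, status = line.split()
    return {"ts": datetime.fromisoformat(ts), "src": src, "dst": dst,
            "status": int(status)}

def correlate(events, window=timedelta(seconds=10), min_requests=20, min_sources=5):
    """SEM step: one alert per destination that receives at least
    min_requests from at least min_sources distinct sources within window.
    The thresholds are assumed values, to be tuned against a baseline."""
    recent = defaultdict(deque)   # destination -> events inside the window
    alerted, alerts = set(), []
    for ev in sorted(events, key=lambda e: e["ts"]):
        q = recent[ev["dst"]]
        q.append(ev)
        while ev["ts"] - q[0]["ts"] > window:   # expire old events
            q.popleft()
        sources = {e["src"] for e in q}
        if (ev["dst"] not in alerted and len(q) >= min_requests
                and len(sources) >= min_sources):
            alerted.add(ev["dst"])
            alerts.append({"dst": ev["dst"], "at": ev["ts"],
                           "requests": len(q), "sources": len(sources)})
    return alerts

def run():
    return correlate(parse(line) for line in constructed_sample())

if __name__ == "__main__":
    for alert in run():
        print(alert)
```

Requiring both a request count and a number of distinct sources keeps a single busy client from raising the distributed-flood alert.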

Both solutions have a wide range of capabilities, including compliance-related functions, such as the retention of messages and creation of reports specifically designed to address audit or compliance concerns. Audit and compliance issues are major concerns within the financial sector, and a strong SIEM can provide the additional visibility an enterprise needs to decrease the resolution time of an incident.

Integrate Advanced Evasion Technique Protection

Advanced Evasion Techniques are evasive techniques that let intruders bypass security detection and logging during network security reconnaissance. In addition to bypassing network security, they are usually stackable through simultaneous execution on multiple protocol layers, can change dynamically even in the midst of an attack, and consist of numerous combinations of evasion techniques and modifications.

AET protection requires zero-day protection in all layers as well as deep packet inspection across multiple network layers and protocols. AET protection components should also have integration capabilities, a full range of features, high manageability and infrastructure patch capabilities.

AETs are especially dangerous to the financial sector where, once again, extremely sensitive information is at stake in a highly regulated environment.

Establish Web and Content Controls

Web and content controls are integral for inspecting and blocking unauthorized access to sites and dangerous active content. Active content in the broadest sense consists of electronic documents that are designed to automatically invoke actions or trigger a response within a system without the assistance of an individual, a phone-home type of behavior. Such content is a major hazard due to its automation and the fact that an individual may not directly or knowingly execute the actions.

Electronic documents have an added component of danger when they are actually programs or consist of programs that can be self-triggered, requiring no user intervention, and result in the same type of actions that executing a program would entail. Because active content can be a death knell for the integrity of a financial network, protection against triggered behaviors is necessary, as is requiring user intervention to open executables, and strong authentication, authorization and accounting.

Employ Digital and Network Forensics

Digital and network forensics are particularly essential for dealing with DDoS in the financial sector as both serve to provide added visibility, remediation and legal response capabilities.

Digital forensics relates directly to legal response capabilities, as it deals with discovering and analyzing electronic data for use in a potential court case. Network forensics seeks to pinpoint the source of a security incident or attack by capturing, recording and analyzing network events.

Lacking either process opens your financial enterprise to additional legal ramifications and a higher risk of repeated attacks.

Phil Lerner is the vice president of technology, North America, for Stonesoft Inc. in New York.