Preempt Blog

The latest insights and advice to keep your company protected from insider threats and breaches

Zero Trust for the Finance Industry 

What’s costing the Finance and Insurance industry too much money? We all know the three statistics: 

$3.86 million dollars* 

280 days** 


 Preempt can help. 

  A review of MITRE ATT&CK chain agrees with Verizon report that 80% of serious incidents and data breaches involved credentials through Active Directory and Domain Server shenanigans. Is it malicious outsider or a compromised insider? In the end, it doesn’t matter who the bad guy is because the patterns and results are the same. What matters most is what are you doing to stop them? 

The security plan for ‘architect then react’ via log movement and analysis no longer fits the need for instant, automated responses. Instead, firms need to focus on the critical elements of breach containment from initial risk reduction to active protectionsand this can only be achieved by adopting a Zero Trust approach to architecting solutions. And they need to do all of this in a way that doesn’t slow down the stream of business in a fast-paced market. 

Everyone is compliant – we know that the Finance industry has been part of developing some of the more stringent compliance organizations in the world. But is compliance enough? What tools define your compliance matters, and how easy you make it for your employees to transact business defines their daily routine. In the past, security teams adopted the security they understood: Perimeter security like firewalls and anti-virus. Today, there is no perimeter. The identity is the network, whether at home, in the firm, at a coffee shop, or on an aeroplane. Business never stops, and frictionless security is the next step.  

Preempt’s frictionless Zero Trust strategy takes compliance out of the checkbox and uses it to automate the employee and system transactions from app to app, from database to website, local and cloud alike. Preempt looks at real-time identity transactions at the domain controller – or via API from the cloud – and weighs the request against common user behaviour, group identity, privileges, physical location, and more. Preempt starts where other UEBA tools leave off. Not only does the Platform compile a risk score and attributes and track session-level authentication events, but it provides risk-based conditional access that challenges your employees and contractors only under the conditions of increased risk or by rules specific to the system.  

 You can read more about how Preempt secures the finance industry here –  

Or you can schedule a demonstration with one of your team to show you how Preempt shuts down live attacks as they happen, without constantly hassling your team for a hundred logins a day. 

 *Average total cost of a data breach 2020 – 

**Average time to identify and contain a breach – 

*** – Every security breach report, but especially Verizon DBIR –  

Topics: Attack Tools, ueba, Zero Trust,

Posted by Jeannie Warner on October 15, 2020 7:56 PM


Brute Force Attacks: Denying the Attacker, Not the User

According, close to 8 billion accounts have been compromised...

Read More


What State-Sponsored Attacks Can Teach Us About Conditional Access

People often think that state-sponsored attacks from groups like Lazarus...

Read More


A Simplified Approach to Network Segmentation

Network segmentation has long been one of the most valuable tools for protecting ...

Read More


10 Things You Need to Know About Kerberos

As our research team continues to find vulnerabilities in Microsoft that bypass all major

Read More


Brute Force Attacks: Denying the Attacker, Not the User

According, close to 8 billion accounts have been compromised...

Read More