This was especially true for a SPHERE customer in the banking industry that experienced substantial growth through acquisition over the previous decade. As is often the case when a large, 100+ year old banking institution absorbs other financial entities, the pace of integration has been slow, creating technological debt and a reliance on legacy systems.
Combined with the rising threat of ransomware, an expanded attack surface brought by digital transformation, and a more demanding regulatory environment, this slow transition became even riskier. Within the bank’s decade of growth, regulatory requirements for data security such as the Payment Card Industry Data Security Standard (PCI DSS), the Gramm- Leach-Bliley Act (GLBA), and the General Data Protection Regulation (GDPR), all developed into major concerns.
