How we’re modernizing Security Operations at Wealthsimple
For ourselves, our clients, and the world.
Working in Security Operations (Sec Ops) is like playing a game where the stakes are increasing and the rules are always changing. If you’re not constantly evolving, you’re already behind. If you’re not keeping an eye out for threats on the horizon, you’ve already lost the game.
I’m making it sound intense because it is. Security threats are something to take very seriously, especially in the world of Financial Technology. But for our Sec Ops team, being at the forefront of fighting these threats — and keeping both our clients and our own platform safe — is exhilarating. We get to fight the bad actors every day, in ways that are always changing.
Here’s how we do Sec Ops differently — and how we plan to keep evolving.
At Wealthsimple, we hire the best talent in the biz to help us uncover security threats. To enable this talented team to innovate our approach to threat detection, we’ve applied DevOps and Engineering models to traditional Sec Ops with automated playbooks for rapid response needs. In practical terms, this means that the code we inject into our tools literally acts as our Sec Ops, responding to incidents and escalating them to our Sec Ops team when needed.
Setting up a Detection-as-Code model was no small feat. It required a fully-documented framework, which is code-heavy. The results, however, are what allow us to push forward. We’re working towards a future where our threat detection is fully automated, enabling our team members to focus on the most challenging and emerging threats, rather than the toil of everyday threats. Executing our work this way is already helping us focus more on invasion research and growing our talent pool.
Keeping our team on our toes
Setting up automated threat detection is a huge and ever-evolving part of our work in Sec Ops, but it’s only part of the equation. We also use a number of other tactics to keep our team ready for any threat.
Recently, we put our Incident Response program through a tabletop exercise. We did this by hiring one of the best consulting companies in the cyber security space. They led us through an exercise of a massive security incident in real-time so we could walk through how we would respond. This kind of exercise allows us to put our work to the test in a safe environment. We can be honest about what we’re doing well and what we need to improve when we face a similar threat in the future.
We also conduct self-assessment exercises that look at the past, present, and future state of our Sec Ops across the four pillars of Autonomic Security Operations: People Transformation, Process Transformation, Technology Transformation, and Influence Transformation. This assessment is an iterative process that keeps us from resting on our laurels. Our security is only as strong as our knowledge of potential threats, and testing that knowledge regularly is what helps us continue to evolve.
Keeping security strong
What’s the result of all this hard work? Well, first and foremost, it enables us to better protect our clients and their data through improved detection mechanisms and minimize incident response time.
Today, we’ve reduced high severity incidents by 50% and the severity of threats are lower because of the many playbooks we’ve developed. We’ve also been able to consolidate our security alerts and launch a comprehensive Brand Protection program to help mitigate digital risk.
Since shifting our focus to innovating Security Operations, we’ve seen increased team satisfaction, reduced the amount of toil and repetitive tasks our team had to field, and created more space for interesting and innovative work that’s proactive rather than reactive.
There’s no denying it: the future of Sec Ops at Wealthsimple is bright. Security threats are always evolving, but so is our team — and our level of innovation. We’re ready for whatever’s next, and we’re well-equipped to keep blazing a trail in how we tackle it.
Written by Ilya Kolmanovich, Director, Threat Management at Wealthsimple, in collaboration with Sarah Bellstedt.
Wealthsimple has forward-thinking financial tools trusted by over 2.5 million Canadians. “Maker Stories” is an inside look at how we get things done. Interested in joining our team? Visit our “Work With Us” page to learn more and view open roles.
The content on this site is produced by Wealthsimple Technologies Inc. and is for informational purposes only. The content is not intended to be investment advice or any other kind of professional advice. Before taking any action based on this content you should consult a professional. We do not endorse any third parties referenced on this site. When you invest, your money is at risk and it is possible that you may lose some or all of your investment. Past performance is not a guarantee of future results. Historical returns, hypothetical returns, expected returns and images included in this content are for illustrative purposes only. Copyright © 2022 Wealthsimple Technologies Inc.
