Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Banking

THE BOTS OPENING THE BANKING BACKDOOR

THE BOTS OPENING THE BANKING BACKDOOR

Matt Middleton-Leal, regional VP for the UK, Ireland and Northern Europe at CyberArk 

Matt Middleton-Leal

Matt Middleton-Leal

Technology has completely transformed the way we bank. Consumers and businesses are demanding immediate transactions on the move and the use of mobile banking apps is sky-rocketing[1].

In recent months, we’ve seen a rapid shift towards a new breed of digital-only banks such as Monzo and Tandem, which are meeting expectations for real-time payments, detailed insights on spending and fast customer service. They are forcing traditional banking providers to rapidly pick up the pace of digital transformation and overhaul their customer offers.

Here we’ll take a look at why the big banks are turning to back-office automation to take on digital challengers, and how they can make sure new-age banking bots don’t lead to breaches. 

Automating the back-office

The likes of Barclays, Nationwide, Natwest and RBS are making huge investments in their front-end operations to keep up with the new competition, but they know that speeding up services will be near impossible if their back-office functions are not made more efficient. How can a customer-facing employee provide a swift response if they are waiting for overseas or overstretched IT support to fix an issue? And where is investment in new products going to come from if funds are wasted on time-consuming manual processing?

One of the ways in which the banks are streamlining processes is by adopting “bots”; applications which can perform pre-defined tasks faster, cheaper and more accurately than humans can. So, where an IT admin may be called on to regain operations, or resolve service, a bot could complete the same task automatically. It’s no surprise that IT tasks which were typically outsourced overseas – such as re-booting a server or allocating resources – are coming back to the UK in the form of bots to speed up response times and ensure resource goes towards higher value activities.

How bots could lead to breaches

Just like any human IT admin, however, the robots being used to complete these tasks need privileged accounts. These are valid credentials used to gain access to systems, providing elevated, non-restrictive access to the underlying platform that non-privileged user accounts don’t have access to.

Banks racing to introduce bots, without properly considering how to secure them, will open the institution up to new types of risks. If these privileged accounts were compromised, the attacker could move laterally through the bank’s infrastructure until they find the information (or funds!) they are looking for.

With high value monetary rewards for cyber-attackers, banks are inescapably highly targeted. Indeed, a new report by Accenture[2] revealed that banking respondents faced 85 “serious” attempted cyber breaches each year, with more than one-third of those being successful. Financial institutions simply cannot afford to let unavoidable cybersecurity gaps emerge.

Managing risk

Banks automating tasks are naturally focused on the business value bots can deliver; streamlining processes will save IT costs, speed up services and put them ahead of the competition. However, being aware of the risk that comes with this is critical to ensure banking bots don’t lead to breaches. Just as with regular user accounts as well as those for apps and other essential process, it is critical to ensure that privileged account credentials associated with bots are properly rotated and protected.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post