Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

What does cybersecurity look like for the financial sector in 2021?

Published : , on

By Neill Lawson-Smith, managing director at CIS

The landscape is changing incredibly fast, with cybercriminals using the most up-to-date technology to hack systems. Here are the six areas those in finance should be watching out for…

The finance and insurance sector is increasingly becoming a notable target for cyber attacks. Many of these breaches happening are believed to be due to inadequate security measures when teams or businesses are using cloud services.

The financial industry is also being affected by changes in processes with more fintech, virtual banks, and other digital disruptors impacting the market. The landscape is changing incredibly fast, with cybercriminals using the most up-to-date technology to hack systems, so it is therefore up to the financial sector to keep up to avoid security breaches.

What does this look like for the year ahead in the financial sector? Here are the Six areas those in finance should be watching out for:

  1. AI securityand cyber defence

Both Cybercriminals and cyber defence are commonly using Artificial Intelligence (AI). In cybersecurity, it is used to identify new threats, as well as assess the effectiveness of the responses to threats, enabling them to foresee and essentially block attacks before they happen. It is also used to spot behavioural patterns and can quickly identify possible infiltrations.

Hackers have also started to use AI to make it easier for them to get past security systems in place. This year, it is likely that AI will be increasingly used as a means of gaining personal details (i.e. credit card details) as well as optimising spam phishing campaigns.

  1. Mobile cybersecurity in banking

With the number of consumers using their mobile devices for banking and financial transactions increasing, especially since the COVID-19 pandemic has rendered society predominantly cashless, cybercriminals have been heavily targeting mobile systems. For example, mobile malware only targets mobile phone operating systems. The most common forms of mobile malware are virus and trojans, spyware and madware (mobile adware), phishing campaigns, and browser exploits.

This means it is now more important than ever to protect mobile devices to the same extent as traditional hardware.

The same protocols that are in place to ensure your staff PCs and laptops are secure now, need to also be applied to their mobile devices as well, such as:

  • Ensuring the latest versions of the operating system and other applications are installed.
  • Installing a firewall.
  • Enabling mobile security software to protect against malware and viruses.
  • Using password protected lock screens.
  • Ensuring apps are only downloaded from official sites like Apple App store and Google Play.
  1. Multi-factor authentication

Multi-factor authentication adds an extra layer of security to all your business networks by ensuring every transaction or login is supported by at least two security measures for access. It is one of the easiest security measures to implement within your business and is becoming more common within the financial sector for many transactions. The traditional username and password are becoming increasingly easy for cybercriminals to acquire, whereas adding an extra identification method, that is not easily accessible to the hackers, ensures an extra layer of protection.

The most commonly used multi-factor authentication methods are:

  • Passwords – They should be complex and comprise at least eight characters and be a combination of upper- and lower-case letters, numbers, and special characters.
  • One-time use code – A randomly generated code sent via SMS or email which is used only once. With weaknesses in mobile networks and email accounts, these can however be intercepted by hackers.
  • App generated codes – a code generated by an app on a mobile phone often created by scanning a QR code that contains a ‘key’. As the key is stored on the phone itself this is less likely to be intercepted by a third party.
  • Physical authentication keys – this is a USB which the user inserts every time they login from a new computer. Unfortunately, they don’t work on all devices without adapters (such as iPhone, MacBook or Android).
  • Biometrics – Using a fingerprint, voice, or an eye dent is an effective identifier. They are extremely difficult to hack but if they are, they cannot be used ever again for anything.
  • Information – this could be something that only the user would know – either a password or a piece of information.

Most of these methods are free or relatively cheap to implement and don’t require anything other than a mobile phone for the user. The added security of multi-factor authentication means even if a hacker has acquired a username/password combination there is still an extra security barrier preventing access.

  1. Refined testing

As the finance industry is constantly changing, then so too are the security threats. Financial cybersecurity is an ongoing commitment, so installing new anti-virus software and implementing MFA, and stopping there is not going to keep you protected for long. It requires ensuring software and firewalls are up to date as well as ensuring access is regularly updated. In addition to this constant maintenance regular testing of the systems is essential. All systems have vulnerabilities, and as these change, cybercriminals learn to overcome them, and therefore software develops.

One thing to remember is that it is not possible to be over-cautious when it comes to cybersecurity. Regular penetration testing essentially identifies any weaknesses in your systems before the cyber criminals do. It is essential to schedule penetration testing or vulnerability scans at least once a quarter unless compliance dictates otherwise. They can be carried out using a vulnerability scanner.

  1. Hiring the right people

It is crucial to have the right team on hand to ensure your systems are up to date, regularly tested and maintained is essential.

Your IT team should have the following skills and knowledge:

  • Knowledge and understanding of the company’s IT infrastructure
  • Knowledge of cybersecurity best practices
  • Understanding of company processes and data flows
  • Up to date knowledge of cybersecurity solutions
  1. Plan a Defence, Prepare for Attack…

Although businesses can take many precautions, there are limitations on skills, investment and timescales in implementing a comprehensive cybersecurity infrastructure, it is essential that appropriate procedures, policies and processes are established to ensure that an appropriate response is carried out in the event of a detection – whether manual or ideally automated – so that whenever an attack occurs, the appropriate and proportionate response is carried out immediately to limit any further damage or intrusion.

Uma Rajagopal has been managing the posting of content for multiple platforms since 2021, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune. Her role ensures that content is published accurately and efficiently across these diverse publications.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post