Cybersecurity in Banks: Digital Era Strategies

Synopsis :

APAC News Network delves deep into the issues influencing how BFSI organizations are designing their cybersecurity roadmaps.

The BFSI sector has always remained a primary target of cybercriminals over the last several years, given the amount of sensitive data that they have to deal with. Some of the top threats that continue to threaten this sector include ransomware, Denial of Service (DDOS), bots, phishing, data exfiltration (data theft), DNS & domain hijack among others.

Though BFSI businesses started moving their assets to the cloud nearly a decade before the pandemic, the switch to a remote workforce from 2020 further accelerated the process and with it, IT monitoring and security became one of the top priorities for a BFSI CIO. “With the increase in SaaS based applications, BFSI organizations are required to build stringent security controls at their edge networks,” says Saravanakumar Krishnamurthy, EVP –Technology Engineering – IT, Network & Cyber Security at YES BANK.

“Cybersecurity is a strategic necessity for the banking sector and not merely an operational issue”, asserts Mahesh Kulkarni, MD, Barclays India. The Data Security Council of India tabled the India Cybersecurity Domestic Market Report in 2023 with the unanimous conclusion that all BFSI organizations have increased their data security budgets over the last few years. Some of these focus domains are included.

Zero-Trust Architecture: Traditional security models require verification from external users, especially in an extended ecosystem, but internal users can rather easily access the network. Zero-trust architecture is a network security model that requires external and internal agents to verify their identity to access the network, preventing unauthorized access and fraud risk.

SOC/Next-Gen SOC: The Security Operations Center (SOC) is a centralized team that monitors, detects, and prevents cybersecurity breaches. BFSI organizations use SD-WAN for their SOCs to get better visibility of operations across their networks and promptly identify potential breaches.

Security Audits and Assessments: This involves periodic network and hardware assessments of an enterprise to identify cybersecurity vulnerabilities.

CNAPP: The Cloud Native Application Protection Platform (CNAPP) is a consolidated tool or platform that provides workload protection and data security.

SD-WAN Network Security: This advanced network infrastructure allows seamless and secure collaboration and data transfers across different applications used in remote locations. This will be particularly beneficial for those BFSI organizations who have multiple branches in diverse geographies.

Privacy by Design: This is a cybersecurity framework focusing on implementing robust privacy policies and technologies in the initial stages of the application development. Increasingly CISOs are starting to focus on this.

According to Avinash Shukla, Head –Digital Banking, UCO Bank, cyber security is the need of the hour for all BFSI organizations. “We are now going with AI and ML-based technologies that track user behaviour. We are adapting to password-less authentication as well,” informs Shukla. The cyber security environment is evolving but the aim remains the same at the core revolving around the confidentiality, integrity, and availability (CIA) of the data.

Babitha B P, VP- System Audit, Reserve Bank Information Technology (ReBIT) emphasizes that enhancing cyber security is not a one-time job but it is rather a continuous process. “It has three aspects at an organizational level –one is that we need to have an appropriate tool, the second is we need to have appropriate people/trained people on board so that it can be managed well. If we do not have these two in place the data and appropriateness of security systems can be jeopardized at any point in time,” explains Babitha. The third aspect is about how we are creating awareness about these cyber security tools, she adds.

There is a huge focus on the identity and access management system in the BFSI sector. According to both Krishnamurthy and Shukla, BFSI CISOs to think in a comprehensive way and design a solution including all security tools and technologies. During the pandemic and the era of digitization followed by work from the home scenario, speakers mentioned the implementation of such solutions by which they were able to give access from outside, robust identity and access management, multi-factor authentication, secure connection, and so on.

Balram Choudhary, CISO, ASK Group, feels the challenge is most of the cyber attacks that had happened in the BFSI sector are zero-day attacks where it is difficult to know what kind of encryption systems the attackers are using. In such cases, the CISOs have to identify the system, if it is behaving in an abnormal way, and for that, they have to go for a user behaviour analytics tool. “The maturity curve of AI is still not up to the mark, and so we have to work towards enhancing it,” opines Choudhary.

Rajneesh De, Consulting Editor, APAC News Network