FIRST LINE OF DEFENCE.

Summary: We have a quick chat with Shoaib Yousuf, Principal at Boston Consulting Group, on cybersecurity trends for 2020

What cyberthreats should we look out for this year?

Cybercriminals continue to rob banks 'because that is where the money is', and they are becoming more sophisticated.

A rising number of digital touchpoints creates an expanding choice of windows through which cyber attackers can enter. Today, attackers will often use ransomware or distributed denial-of-service (DDoS) attack as a noisy diversion, while quietly making fraudulent fund transfers.

Nation-states are also getting increasingly bold. The role of banking systems is vital to the economic climate of countries, which makes them sensitive targets. In fact, we see more and more examples of destructive cyberattacks carried out not for monetary, but for political objectives. As digitisation booms, the problem is becoming ever more serious

Where do you see areas of improvement for banks in cybersecurity?

As cyberthreats intensify, financial institutions are becoming more proactive in protecting themselves and their customers. We have observed an increasing number of banks focusing on implementing technologies to counter cyberthreats, which is a good start.

However, our research shows that most breaches happen due human erors and process shortcomings, and technology alone could not have prevented the breach.

For instance, cloud breaches is an area that is in dire need of better security processes. Several of the biggest banking breaches of the last year can be traced back to failures of cloud security process--not being vigilant about which employees get access rights or lacking a process to monitor data flows.

How to best approach cybersecurity issues?

In Europe and the US, the largest banks have recognised cybersecurity as a strategic issue for the C-Suite and Board of Directors. Some of these banks have defined cybersecurity to be an 'existential risk' and have granted their chief information security officer (CISOs) vast budgets to tackle the challenge. Budget is important, but even more important is culture and leadership. Hackers look for the weak spots, so good security practises must be integrated across every business unit and back-office process.

Executive leadership and drive is often the difference between having a cyberdefence plan that looks good on paper and having an integrated cyber programme that properly works when tested

© 2020 CPI Financial. All rights reserved. Provided by SyndiGate Media Inc. ( Syndigate.info ).