11 minute read
Cybersecurity in banking and financial services
From cybersecurity threats to cloud native platforms, Nicolai Solling, Chief Technology Officer, Help AG gives a detailed account of the front and centre considerations that banks and financial institutions must have when tackling their security and digital needs
How has the pandemic changed cybersecurity requirements for the banking sector? How are financial institutions coping? Are they being confronted with any new kinds of challenges?
Advertisement
The pandemic and ensuing shift to remote work has amplified the cybersecurity threats across multiple industries, and the BFSI sector has not been immune either. According to VMware Carbon Black , cyber-attacks on financial institutions increased by 238% from February to April 2020.
The sector has encountered a worrying growth in the compromise of credit card information, as our Digital Risk Protection report showed that Q2 2020 saw a 500% increase in carding fraud. The same period also witnessed a staggering 3-time (183%) jump in threat alerts related to data leakage.
Attackers have exploited the fear around the COVID-19 pandemic to get malware onto clients’ devices. This trend has hit the banking sector especially hard. An attacker could send a client a link that seemingly contains information about COVID-19 but in fact downloads malware onto the device once it is clicked. This could constitute the first step of the cyber-attack campaign. This is particularly concerning as the pandemic has caused many banks to build and expand their electronic channels, like most organizations. Banking moved online, and while it is okay for most of us, it has created a new group of users (e.g. senior citizens, blue collar workers, etc.) who are not aware of the nuances of digital technology, let alone safe online practices. This instantly meant a much broader risk surface.
In addition, the bank as an enterprise has also been impacted by COVID-19. Due to the pandemic, many bank employees began working from home, and the home network has a very different security posture than the enterprise network that they would normally be utilizing. Although most banks have been operating remote access solutions for a long time, the scale was fairly limited earlier and overnight the situation had to be changed. This added extra pressure to both security and connectivity requirements, causing banks to rethink how they implement secure internet connectivity for remote users, while maintaining data security.
Nicolai Solling, Chief Technology Officer, Help AG
BFSI forms a major chunk of Help AG’s customer base. Have you seen a change in banks’ cybersecurity requirements over the past 12-18 months?
In the beginning of the pandemic, of course, we had a lot of requirements when it came to the connectivity aspect of how we securely connect to the bank, how we connect those who work at the bank efficiently to the bank environment, etc. While remote access was not a new feature for most banks, the scale was limited prior to the pandemic, and almost overnight, a massive scale up was needed.
Another requirement that we have been seeing is in terms of rethinking how banks address secure connectivity to the internet for their users. The traditional castle-andmoat model had to be transformed to make way for zero trust and security on the edge. Banks are increasingly looking at Secure Access Service Edge (SASE) based services. There is a
massive evaluation process underway, of various aspects of SASE, beginning with something as simple as web security, for example, to make sure the right security policies are enforced when customers and employees are browsing the web, at home, without having to send all that traffic back to the enterprise.
Has Help AG recently brought some new technologies on-board that especially add value to cybersecurity for the BFSI sector?
We have strategically partnered with several innovative vendors that have further expanded our capabilities in the BFSI sector. One such partner is Zscaler, which delivers cybersecurity in the cloud. We work very closely with them to deliver cybersecurity services that are in line with not only organizational but also governmental requirements, in terms of ensuring data is maintained locally in compliance with regulatory regimes of the region. Another of our standout partners in this arena is Netskope, who has made the necessary investments to ensure that the SASE services they provide are in line with local regulations. Beyond web traffic, SASE also covers managed SaaS, unmanaged SaaS, public cloud services, and custom apps in the public cloud.
Illumio is another of our important partners for the banking sector, among many other verticals. Most banks have the requirement of segmenting their services. This means they need to create technical controls for enforcing traffic between systems. One driver for the microsegmentation process is the fact that most banks have a mandate to maintain Payment Card Industry (PCI) compliance. Additionally, many banks that are already PCI certified are under the pressure of maintaining the kind of segmentation required for this compliance. That is where Illumio comes in with a unique solution for banks to help them deal with this issue in an efficient, economical, and flexible way. The solution can be implemented within days instead of the months and years that organizations sometimes spend on addressing microsegmentation requirements.
Another interesting feature of Illumio is that the segmentation solution is agnostic to where you host your data and applications, and as a result, as banks move to the cloud, they can maintain the same set of capabilities as they did on-prem.
Another key partner helping us add value to the BFSI sector and support our secure cloud enablement strategy is Aviatrix. Banks will always have applications that are challenging to move into the cloud, either because of technological or governance requirements. As a result, they always tend to be hybrid when it comes to cloud adoption. Connecting an on-prem data center to a cloud-based data center with the right levels of security and performance is a challenge. And it is not only about establishing a connection between on-prem and cloud, but also about maintaining communication between different cloud platforms in a secure way as an organization moves toward multicloud. Another challenge is maintaining the right kind of segmentation between those environments. Aviatrix addresses all these issues through its cloud platform and capabilities.
The financial sector has been witnessing prominent changes in data privacy regulations. How are banks dealing with these changes?
When it comes to data privacy, banks deal with different types of regulations on a local and global scale, such as the GDPR in Europe and the CCPA in California. New regulations continue to be rolled out, which brings to the forefront the importance of understanding the data you are hosting about a user and how to deal with it. Specifically, the life cycle management of data is becoming extremely crucial for banks. To address these issues, we have partnered with Securiti, which provides an AI-powered platform focused on identifying sensitive data and managing its life cycle.
Securiti enables organizations to readily provide information to the client on what kind of data the organization stores about them. This is important as many data privacy regulatory frameworks stipulate that users have a right to this knowledge. Securiti also manages the life cycle of customer data, which is related to ensuring that the data is redacted from the organization’s systems after the customer leaves. Data redaction can be challenging, as data can vary widely in nature (e.g., structured and unstructured data).
Moreover, a key aspect of data management is that it must be an automated process, because a manual process is too cumbersome and expensive. This is another arena where our partnership with Securiti plays a vital role, providing data protection through automation and AI technologies. Securiti deploys big data analytics and machine learning capabilities to ensure data is managed and cleared securely with minimal human intervention.
We are living in times when innovation and threat landscape are both evolving at light speed. How is Help AG making sure to keep pace?
Help AG has always taken the role of a market evangelist when it comes to pioneering new technologies, be it secure cloud enablement, OT security, or the utilization of machine learning for enhanced agility and efficiency in dealing with cyber threats, as well as advanced cybersecurity services like world-class penetration testing services, Incident Response, Breach Investigation and Forensics, Cyber Insurance, Governance, Risk and Compliance, 24X7 Managed Detection and Response, and Managed Threat Intelligence among others.
We have always been known to be very pragmatic in our approach and have planned our strategies after a lot of thought and careful consideration, in addition, to leveraging the extremely successful market experience of our
leadership team. We constantly finetune our vendor strategy in line with the industry trends as well as with an expert understanding of what is to come, and accordingly, we do our due diligence in identifying the right kind of vendor partners and enabling our teams to make sure we position the technologies in the best manner in the marketplace.
This pragmatism is also reflected in our hiring practices. For example, keeping pace with the requirements of the industry, we have been increasingly hiring experts with skills in cloud security, IoT/OT security, product development and management, digital risk management, CSOC analysis, data science, cybersecurity architecture, incident response, DevOps architecture, etc.
Another USP that makes us stand out is our ability to think like hackers. This empowers Help AG to adopt both a proactive and a predictive approach to cybersecurity unlike traditional approaches of tackling threats and vulnerabilities. The analysis team in Help AG comprise the region’s most qualified ethical hackers capable of uncovering loopholes that automated tools generally miss and accordingly penetrating defenses of any nature. Our advisory consultants adopt a business-oriented approach and propose risk-oriented recommendations for informed decisions. Help AG’s implementation team ensures fully compliant deployment, migration and integration of security architecture as per security policies, security baselines, standards and recommendations from technology vendors. Our analysts and subject matter experts in our state-ofthe-art Security Operations Center (SOC) offer round-the-clock expert services in areas of protection, detection, response and recovery.
Being the cybersecurity arm of Etisalat Digital, we are very well placed as the digital transformation powerhouse. The next 12-18 months will witness a service centric evolution, with an overarching ambition of Help AG-as-a-Service. Three years from now, our portfolio will be Help AG-as-a-Service. From being a cybersecurity solutions and services provider, we are transforming into a managed cybersecurity services and solutions provider.
Digital transformation across technology domains is widespread in the Gulf region. Where do you see opportunities for your business in 2021?
The broad shift towards using cloudnative platforms is undeniable. This move to the cloud presents an opportunity for us, as we provide innovative cloud-native security capabilities to businesses. Organizations are rethinking the entire process of application development
as well as how the application should look in the future. Moreover, a lot of the technology that organizations have in place today will not be able to withstand the requirements of the new cloud platforms and will thus need to be revamped or replaced. Being able to secure cloud-native computer platforms and cloud-native technologies will be an extremely important capability moving forward.
COVID-19 has led to new digital habits and trends, such as an increase in online banking and application development. This is another opportunity for Help AG, as we are frontrunners in ensuring security is a day-zero consideration while new applications are developed and released for large scale usage. Moreover, automation has significantly moved from being something ‘good to have’ to becoming a vital component of business resilience and productivity. Our continuing focus on security automation together with strategic partnerships enables us to deliver the automation capabilities businesses need to save time and cut costs.
According to recent IDC reports, the cybersecurity spending is increasing in META region, growing at a CAGR of 7.3% and more and more shifting from solutions to services. This is where Help AG is extremely well placed, with its service centric business evolution. Our Managed Security Services saw a massive increase in demand and uptake in 2020 and continues to be on the northward journey.
If you had to focus on three things that matter the most for banks’ cybersecurity, what would your advice be?
1. Consider security as a day-zero component of your application building process. If you build a system without considering the potential for fraud, you are building an inefficient system prone to attack. 2. Always assume that you will be breached and stay prepared with a proactive approach to cybersecurity. 3. Foresee potential risks when creating security policies and educate employees correctly. The security policy of a bank or financial institution should address what the organization does to ensure the security of customer data, explain employee best practices, and outline the organization’s action plan in case a cyber-attack happens.
A full service international law firm built for the Middle East
