APSN–Financial services firms are generally attractive targets for cybercriminals. These organisations also tend to be have advanced security measures but cybercriminals are changing tactics and evolving their attack methods constantly, so it’s important for these businesses to remain vigilant and implement appropriate cybersecurity programs, according to Aleron.
Mark Wroniak, director, Aleron, said, “Financial services firms are at the forefront of cybersecurity. Because they operate in a regulated environment, their IT security teams know they have to implement the right controls to keep their organisation’s, employees’ and customers’ data safe.
“This means they need to know what the most likely targeted threats are so they can prioritise them according to their potential impact on the business, and implement mitigation strategies to reduce the risk and ramifications of a successful attack.”
There are four key challenges facing IT teams when it comes to managing security effectively:
1. Agile development. While agile methodologies are gaining popularity due to their efficiency and effectiveness, the speed and flexibility involved makes it hard to control.
2. Documentation. Financial services organisations are process-oriented and rely on documentation. This means confidential data is constantly in transit, where it’s harder to secure.
3. Embedded security. Embedding security as part of the development of new apps should be a matter of course, but isn’t yet.
4. SecDevOps. Integrating security into DevOps approaches can help alleviate problems associated with the faster-moving development world enabled by cloud.
Furthermore, there are three key trends emerging in the financial services market. Organisations should be aware of these trends and plan to address them to remain secure, according to Aleron.
1. Insurance. Cyber insurance is an emerging product and the market hasn’t yet seen how cyber insurance claims may affect things like premiums. It’s important for businesses to move beyond an insured mindset towards a proactive resilience mindset.
2. Innovation opportunities. Getting the security basics right will help organisations innovate faster and more successfully.
3. Emerging technologies. Artificial intelligence (AI) and robotics will create new ways of doing business, which may create new vulnerabilities. Similarly, cryptocurrencies, payment changes, and open banking initiatives create questions around trust.
Mark Wroniak said, “The key to managing security effectively is to communicate and collaborate between security teams and operational teams. It’s important to remember that not everyone in the security team is necessarily technical, so they need to be advised about the risks and how they’re relevant in a commercial environment.
“Banks are getting collaboration right. A good example is the Risk Management Association, which brings together risk management professionals in the Australian financial services industry. By collaborating and sharing data, financial services organisations can innovate better and get things done.
“Security offers financial institutions a competitive advantage. Working collaboratively is essential.”