Challenging cyberattacks on banks should always be top priority
We stand on the brink of the Fourth Industrial Revolution, a technological revolution that will fundamentally alter the way we live, work and relate to one another. The Fourth Industrial Revolution can best be described as a range of a new technologies that are fusing the physical, digital and biological worlds, and impacting all disciplines, economies and industries.
The public are feeling wary the era of digital age has taken center stage in our modern- day living. Notably, it has made all of us somewhat vulnerable to the growing cybercrime, financial or otherwise.
Shortly after the hackers successfully stole almost $ 100 million from Bangladesh's central bank in February 2016, Swift, the global messaging network used by banks worldwide warned that cyberattacks on financial institutions are still continuing.
According to Swift, Bangladesh bank heist revealed vulnerabilities in the bank computer systems; a simple malware was detected on the computer systems targeting a PDF reader used to check statement messages. Hackers used the malware to bypass primary risk controls and initiate irrevocable funds transfer processes.
Cybersecurity experts are seriously concerned that, in the years ahead, the new malwares designed with adaptive, success- based learning to improve the efficacy of cyberattacks will be employed by hackers. The new generation of malware will be situation- aware; it will understand the environment it is in and will make decisions about what to do next.
As Gavin Patterson, CEO of BT Group, put it clearly, “the scale of the challenge should not be underestimated. With the attackers becoming increasingly nimble and innovative, armed with an increasingly diverse array of weapons, cyberattacks are happening at a faster pace and with greater sophistication than ever before.”
To address the growing concerns on the fast evolving cyber threats that continue to confront global as well as domestic financial institutions, our Monetary Board has previously approved pioneering guidelines on information security management that place a renewed focus on cybersecurity.
The guidelines highlight the role of the financial institutions' management in spearheading sound information security governance and strong security culture within their respective companies. The financial institutions are mandated now to manage information security risks and exposures within acceptable levels through a dynamic interplay of people, policies, processes, and technologies.
Let's be straight up about this. Banks must double their resources and efforts to invest in the latest technology against cybercrimes and must also see to it that they will only invest in highly qualified personnel to ensure the safety and soundness of their computer networks. The latter move is a sound one, hands down, considering the critical shortage of qualified cybersecurity personnel. Again, to quote Gavin Patterson, "it is imperative that we develop new approaches to attracting, educating and retaining talented individuals, in order to create a deep pool of highly skilled cyberexperts prepared to beat cybercriminals at their own game."
For financial institutions to survive and grow, their rate of learning has to be equal to, or greater than, rate of change in their industry. Nothing short of a frontal assault on cybercrimes will gain them the successes they need. Since technology is reshaping today the banking business landscapes in a rapid pace, banks must do what they are supposed to do to face this global challenge that could cripple their own computer systems.
As former US President Barack Obama once said, “cyberattacks are one of the most serious challenges we face as a nation, and our economic prosperity in the 21st century will depend on cybersecurity.”
Increasingly, questions are being asked on the negative impact of cyberattacks on a major bank; chances are it won't certainly be reassuring.