Organisations warned to be vigilant over cyber-crimes
While the world is moving towards different forms of technology it also possesses a serious threat in the form of cyber-crimes. Organisations and companies in the financial services sector need to focus and be more secure, vigilant and resilient, it was disclosed at a forum recently.
Last Monday, Deloitte Touche Tohmatsu Ltd (DTTL) and SJMS Associates conducted a workshop on cyber-risks in the banking and financial services sector in Sri Lanka at the Taj Samudra Hotel in Colombo.
A.K. Viswanathan, Partner at DTTL India, noted that cyber-threats doesn’t have to be sophisticated and complex. It can just happen with the click of a button, a link or even by inserting an unknown USB into the system. “Many organisations have come across cyber-attacks worldwide, but they all moved on. There is no 100 per cent security in this world. Hacking can happen to anyone, anytime and anywhere. Taking the necessary precautions to minimise the risks of getting exposed is what organisations should work on,” he said.
He added that it’s not a choice at all for an organisation not to use technology that is becoming popular in the world. Also governments need to use this technology for business transactions and bills. There are pros and cons of technology, but the advantages and uses are more. “Everything has become digital and online but you need to be aware of how to protect your organisation from cyber-attacks,” he added.
Technology trends are a shift to digital business, and accompanied with the revolution in smart systems have caused a massive re-positioning of the financial services market from a fundamentally labour based model to an automated, process driven business model. Financial institutions are also under increasing scrutiny from their regulators who are changing their approach to cyber security by transforming it from an IT discussion to a risk, business and board level discussion, he stressed.
Cyber-attacks on this sector and its customers are on the rise, created primarily by Internet and mobile enabled banking services. Sri Lanka’s steadily increasing mobile penetration and low barriers to Internet usage increases vulnerabilities for banks and its customers, he added.
Companies in the financial services sector should evolve into a progressive cyberrisk management paradigm that strives to achieve three fundamental qualities: Secure against known threats through risk-driven investment in foundational, preventive controls and policies; Be vigilant by improving the ability to detect emerging threats and anomalous patterns amidst the highly complex and data saturated environment; and be resilient to enable the organisation to recover from attacks as quickly as possible and minimise both direct and indirect damages, he noted.