Even before the pandemic, banks were in different stages of digital transformation and cybersecurity maturity, based on their previous investments, budget allocation, and size in terms of customer outreach and service offerings. While bad actors have always used advanced capabilities to target core banking systems, the global pandemic that resulted in an increased digitalization saw a phenomenal rise in cyber threats in the banking sector. In a recent interaction with CXOToday, Manoj Kanodia, a cyber security expert and CEO at Inspira Enterprise, an IT solutions provider that works closely with some of the leading banking institutions in India, talks about the cyber security trends and challenges in the country’s banking sector and how security leaders in banking can prioritize cyber-resilience for growth and sustainability.
What are the major cybersecurity threats you have been observing in the Indian banking sector today?
One of the most pervasive cyber-threats is stealing account-related information. This is called account-centric fraud, where a criminal hacks and gains access to a customer’s mobile number, password, and OTP, among others. This leaves the customer’s account at the criminal’s mercy. Another major threat is that of identity theft.
Criminals are able to breach a bank’s cyber-security, and steal customer information. This information can then be sold online or be used by criminals to conduct transactions using the customer’s money. In essence, it is stealing the customer’s identity for purposes of stealing funds. The recent alerts against e-KYC fraud that some banks and telecom companies have had to face are a consequence of a method called spoofing. Here, cyber criminals imitate the website URLs, or even the entire website, or any other official information of banking and financial institutions. They then target users using those malicious links. Many users are susceptible to these kinds of threats and are duped.
The most challenging global cybersecurity issue is ransomware. We are noticing an incredible spike in the abilities of malicious players to use ransomware tactics against their targets. This is tougher to monitor and prevent because different digital currencies are now demanded as ransom. This includes bitcoin as well.
The banking and financial system in India is undergoing a major digital transformation. The challenges are exacerbated since all institutions parts of this system are at different stages of this transformation, thus facing a diversity of threats.
Increased digital transactions are leading to a phenomenal rise in ransomware, mobile banking malware, data-breaches, and other cyber threats. How can CISOs tackle these threats?
Ideally, there are three steps to addressing these threats. First, addressing threats the company faces from within. This includes ensuring that there are strict access management policies that monitor and prevent employees from gaining unnecessary access to restricted information. Banks should ensure that their employees are trained to deal with different kinds of cybersecurity threats, and a befitting training program on the latest cyberattack trends and cases will keep the employees more alert and responsive. Since the pandemic has shifted a lot of office data on the cloud, cloud security is also an essential and continuous process banks should keep in mind.
Second, addressing the external threats the company faces. There are several regulatory requirements that banks must follow to ensure that their data is protected. For example, RBI’s ‘Information Systems Security Guidelines’ for BFSI sector puts in place a mechanism on how banks should structure its IT management to ensure that customer as well as the organisation’s data is protected. Adhering to such compliance rules helps in securing the overall system.
Lastly, securing customer data. Banks must ensure customer data is protected in the digital front from all threats. The banking industry in India needs to be highly adept at addressing customer challenges online now. This requires keeping customers updated about how the bank secures their transactions and funds and making them aware, so they don’t make any errors from their end during transactions.
In other words, by securing the internal management, vendors, customers, and effective data sharing practices, banks can address the multitude of cyber-security challenges.
Banks are increasingly turning to third-party vendors to provide seamless customer experience. Does that pose new kinds of risks to them?
Over the years, banks have been securing their data and managing IT infrastructure internally. However, with evolving customer expectations, banks have started outsourcing many processes. Third-party vendors, while playing an essential role in the customer experience, also pose their own set of threats. One common trend is that many cyber-criminals are attacking members of their digital supply chains rather than attacking the bank. The most pertinent threat from these vendors comes from their access to the bank’s network. This means a threat to the vendor is also a threat to the bank. Thus, banks need to shore up not only their defenses, but also those of third-party vendors.
The RBI’s 2011 ‘Report of the Working Group on Electronic Banking’ set a framework on how banks need to conduct due-diligence, frame contracts, conduct risk-assessment, etc., before on-boarding them in their operations. More recently, RBI has raised many concerns, and even factors the risk of cyberattacks to the overall banking sector in its stress tests. Thus, the regulatory and industrial entities recognize these challenges and work to ensure they do not pose any disruption to the banking and the fintech, payments, and other related sectors.
Do you think AI, cloud, chatbots, IoT, etc are bringing more risks to banking? How can the CIO/CISO tackle the threats arising from these emerging technologies?
AI, cloud, chatbots and Internet-of-Things (IoT) are all examples of advanced technologies, which require intense planning before any organisation launches them. Any upcoming technology requires banks to investigate their efficacy. What banks should focus on, is not just the effectiveness of these technologies, but also how cyber-criminals can exploit loopholes in their internet connectivity.
For example, IoT, needs constant communication and interaction between different devices. This means that banks need to focus on the organization’s IT architecture and conduct thorough audits of inherent risks. This will give them an overview of how different threats can be countered. Similarly, cloud technology is one exciting area, which offers several secure solutions.
One of the most important steps that CIOs need to take is assessing the model risk of any technology upgrade. All these solutions – whether AI, cloud or IoT – require the development of models and that’s because implementing these requires a gradual transformation in how data can be utilized, stored, and analyzed.
How can adopting advanced technology and security systems help the banking sector to tackle cybersecurity threats?
Advanced technologies have multiple uses in the long term, particularly in securing IT infrastructure. One of the many trusted tools is called the Zero-trust architecture. In the modern internet, the concept of a ‘perimeter-less world’ is all pervasive. This means organizations such as banks need to set their own boundaries and guard it vigorously. Perimeter refers to every device, user, or network. This architecture dictates that none of these perimeters can be trusted, and thus, must be constantly monitored to ensure threats can be assessed and located in time. Basis this, no user or device can access any platform or data unless authenticated or authorized.
The most important application of Artificial Intelligence lies in identifying gaps in the IT infrastructure. This is essentially an automation function that allows banks to identify security risks and increase alertness to those risks. Certain intelligence functions of AI will also build solutions and consequently enable banks to automate some of the processes further. These are possible because AI builds on technologies such as Machine Learning (ML) and Natural Language Processing (NLP).
The cybersecurity market is facing an acute shortage of cybersecurity professionals. How can this issue be solved?
Addressing any skills gap requires us to go to educational institutions, and partner with them on different courses on cybersecurity. This way, we will get many students interested in the job who can then pursue such careers. But at the current level, companies need to focus on training and teaching their employees on how best to handle their technology. This requires companies to invest in learning and development courses on cybersecurity. By investing in courses on cybersecurity training, we can make upskilling possible.
How is Inspira playing an important role in the cybersecurity segment? How do you differentiate yourself from your peers in the crowded security market?
At Inspira, we ensure that we understand our clients’ requirements in-depth and analyze what solutions will best suit them. Cybersecurity solutions comprise the bulk of our business. Keeping this in mind, we operate a Cybersecurity Centre of Excellence, where we partner with variety of organisations, building their cyber-programs. We have an in-house team of over 100 cybersecurity professionals, who work with our clients on their end-to-end solutions such as security-operations-centres (SOCs), and consulting services among others. Inspira’s GSOCs provide 24 x 7 managed security services to some of the largest banks and over 70 well-known entities in the BFSI sector, with a centralized security monitoring system.
Our key differentiator lies in not only in how we build our solutions, but also the diversity of the clients we work with. This diversity gives us a wealth of experience in analyzing and building new solutions. Furthermore, while we have sector-specific expertise in the pharmaceuticals, banking and financial services, and public sector, we also work with clients such as those in the oil and gas verticals.
What are your India-specific plans in the next 12 months?
With digital transformation taking center stage due to the pandemic and the disruptions that followed, the demand for security and cloud solutions has increased drastically. Understanding the need of the hour, we feel it is the right time to expand Inspira’s business by hiring people at multiple levels across functions to address the growing demand for digital transformation in India. While we have over 700 professionals across the country, we hope to expand our workforce by over 400 professionals, to cater to the rapidly increasing demand for IT solutions. The positions for which Inspira is looking to add maximum headcount would be for SOC analysts (L1, L2 and L3 levels), device managers, network engineers, project managers, SOC managers and sales managers for regional positions in BFSI and enterprise verticals, to support the client base in India, ASEAN countries and the Middle East.
Finally, would you like to convey any message to cybersecurity leaders in banking to guard their turfs and succeed in the post-corona world?
While there are plenty of challenges that abound, it is also important to remain hopeful about the future. As technologies evolve, so do the myriad of challenges they bring about. There will always be bad actors who attempt to cause disruption. This requires banks to always be on guard, and partner with the right solutions providers to be cyber-resilient. To simplify the process, if banks follow these three key steps, it will allow them to be more cyber-resilient:
Protect Your Digital Perimeter – Control access based on who and what is connecting. Create network by providing secure remote access. Install integrated threat detection and defence tools like firewalls, intrusion prevention system, service and traffic tool, virtual private network encryption functionality, Wi-Fi protected access for the network, email spam filters and sound web security strategies such as AV scanning, malware scanning and IP reputation awareness.
Secure Your Physical Premises – Install security cameras and alarm systems equipped with motion sensors, mobile surveillance units.
Guard Your Intellectual Property – Develop and enforce intellectual property safeguard policy, which ensures that all IP developed by members of the organization belongs to the company, as well as non-disclosure agreements for employees and contractors, register the trademarks, along with any applicable patents.