Commentary
Retail Banking
Staff Reporter
, Singapore
Published:

Top takeaways for security in Asian banks

By Sharat Sinha

Cybercrime has become a major global issue that is seeing increased sophistication with cybercriminals striving to find new and improved ways to access networks. The result is a sizable financial loss to individuals and organisations with serious damage to brand image and reputation.

The recent spate of cyber-attacks on financial institutions across Asia Pacific, including the theft of Standard Chartered’s customer data via a third-party vendor, and cybercriminals setting up a fake POSB Internet banking phishing website, has highlighted the importance for banks to re-examine the way they are protecting their data and customers.

Even though banks will always be a prime target for cybercriminals, there is a lot that can and should be done to protect against such attacks.

The following key takeaways for Asian financial institutions emerged from discussions during the FS-ISAC summit held in Florida, including:

1. Segmentation

More needs to be done on segmentation across organisations and their IT infrastructure. This is a broad topic that involves employees, contractors, data centres, endpoints, computing infrastructure, and more. It includes better segmentation of facilities, branches, remote offices, or business partners located in high-risk geographies or conducting business within these areas.

Of particular importance is the sharing of best practices to protect facilities and groups in high-risk geographies as well as a need for clear segmentation of assets, systems, and data based on their risk level and access control of users and applications.

2. IT costs vs. tighter security

Organisations must be proactive when it comes to the growing dilemma between controlling IT costs versus the imperative to tighten security. This is especially important around technology initiatives such as:

• Mobile computing. As part of a device refresh cycle, many financial organisations are in the process of retiring their portfolio of Blackberry devices that were provided years ago to employees with the goal to improve work flexibility and productivity.

Old devices are now replaced by a full BYOD model with employees allowed to use their chosen devices to connect to their enterprise network. It is highly recommended that IT departments proactively deploy solutions that will force all traffic coming from mobile devices to go through security checks similar and even tighter than other network traffic.

• SaaS applications and cloud computing. Along the same lines as the above, the use of SaaS is a fairly logical way to reduce costs for applications that are not core to your business and for which you might not want to keep critical expertise in-house.

3. Better network segmentation

Organisations are living under a constant state of compromise. We keep hearing that threats are more often coming from the inside of an organisation, making any security strategy based only on perimeter protection obsolete. Network segmentation helps significantly by blocking attacks from propagating from one zone of your network to another.

Next-generation firewall will directly contribute to a stronger overall security platform, starting with the endpoint and detecting attacks there as well as detecting when threats are attempting lateral moves within networks.

4. Importance of sharing threat information

Finally, there’s broad acknowledgement that threat information sharing is critical to raise the bar for the bad guys. It’s ironic but in many ways it feels like the bad guys are better organised as a community compared to the enterprises that need to protect themselves.

I have not heard one objection against the need for the private sector to collaborate though communities like the Association of Financial Advisers (AFA) and the Association of Banks (ABS) in Singapore, to share threat intelligence more systematically.

As the threat landscape evolves, banks will always be a prime target for cybercrime, yet they have a responsibility to protect their customers, making it imperative for organisations and their employees to understand the vulnerabilities that exist in the network.

It important for all parties involved to collaborate to adapt and overcome the sophisticated, multifaceted security threats faced by the ecosystem of information security.

Also Read

ZA Bank, bank virtual pertama Hong Kong

Pemberi pinjaman dari Hong Kong menyiapkan inisiatif keberlanjutan pasca-pandemi

Pembekuan pendanaan menghantam penyedia layanan BNPL

Investor semakin sedikit mengalirkan dana ke penyedia layanan BNPL yang sudah menghadapi keuntungan margin yang tipis.

HSBC: Aliansi bank-fintech merupakan win-win

Pemberi pinjaman dapat belajar dari teknologi disruptif sambil membantu mereka mematuhi regulasi.

Tokenisasi aset perdagangan untuk menjembatani kesenjangan pembiayaan

Teknologi blockchain dapat mendesentralisasikan operasi keuangan dan mempermudah akses kredit.

PT Bank Permata meluncurkan kartu perjalanan dan kuliner untuk klien berkelas

Nasabah prioritas dapat memperoleh 20.

BCA menjalankan komitmen terhadap keuangan berkelanjutan

Bank asal Indonesia ini mempertimbangkan aspek lingkungan dan tata kelola dalam keputusan pemberian pinjaman.

Mengapa UNOBank mendorong embedded finance tumbuh di Filipina

Bagi UNOBank, banking interface terpadu adalah strategi pertumbuhan sekaligus upaya inklusi keuangan.

OCBC mencoba mengurangi kesenjangan manfaat bagi agen properti di Singapura

Produk terbarunya menawarkan manfaat finansial di bidang perbankan, asuransi, dan perdagangan.

Upaya Malaysia menjadi anggota BRICS untuk mendorong perombakan sistem perbankan

Namun, tantangan muncul ketika menjauh dari ketergantungan pada AS dan SWIFT.

Platform pembayaran PingPong memperoleh lisensi PJP di Indonesia

PingPong mengincar ekspansi ke pasar ekspor senilai $320 miliar di negara tersebut.

Merger dan penutupan mengancam 3.800 bank di area pedesaan Cina

Sekitar 70 bank di area tersebut telah merger sejak 2023.
Join the community

Thought Leadership Centre

Navigating the Cloud Migration Journey: Strategies for Banking Incumbents

Explore how FinOps fosters cloud efficiency, balancing performance and cost while aligning with sustainability goals

In Association with

SmartStream launch high performance, AI enabled platform to meet client demands for managing complex data

Harnessing the power of observational learning in data quality processing and management

In Association with

SAP SPM: Boosting sales success whilst ensuring regulatory compliance

SAP Business AI: Unlocking the power of AI in financial services

In Association with

Resource Center

Shaping the Future of Banking: An Exploration of ASEAN Trends and Transformations

Comarch AI-driven digital solutions enable better, more personalised banking

Banking in a Volatile Economy & Navigating Uncertainty

Bridging The Gap: A Survey On Alternative Financing

Improving API Security in Digital Banking

The financial services world of the future

Re-wiring financial services operations for a bold future

Fraud surveillance in today’s hybrid banking environment

ABF Retail Banking Digital Conference 2021

Print Issue

Read Here
Advertise
Sign Up

Event News

CIMB Niaga leads the way in captivating Indonesia’s youth
CIMB Niaga leads the way in captivating Indonesia’s youth
The bank’s digital solutions are winning over younger generations with 3.
BCA sets benchmark in Indonesia’s microfinance sector
BCA sets benchmark in Indonesia’s microfinance sector
Siam Commercial Bank shares crisis lessons from pandemic
Lending & Credit Siam Commercial Bank shares crisis lessons from pandemic
Thai central bank’s digital payments on ‘top of the world’
Cards & Payments Thai central bank’s digital payments on ‘top of the world’

Videos

Testing

Testing

Banks expand AI adoption amidst governance challenges

Banks expand AI adoption amidst governance challenges

BSP enforces tailored cyber resilience rules for smaller institutions

BSP enforces tailored cyber resilience rules for smaller institutions

Companies urged to implement AI with focused use cases

Companies urged to implement AI with focused use cases

View more videos

Partner Sites

Asian Power
Asian Power
Asian Business Review
Asian Business Review
Healthcare Asia Magazine
Healthcare Asia Magazine
Retail Asia
Retail Asia