Creating a personal and convenient banking experience helps banks stand out in an increasingly crowded and competitive marketplace. To grow or even just to retain market share, personalised offerings and better customer experiences are imperative.
For Fortinet Malaysia country manager Dickson Woo, however, in the race to innovate, banks must remain alert to unprecedented cybersecurity risks that continue to evolve with new technology adoption and increased hybrid working arrangements.
The former Ministry of Communications and Digital had reported that Malaysia experienced 4,327 cybercrime cases in the first quarter of 2023, with losses valued at RM77 million.
Increasing Cyber Risks for Banks
The value of cybersecurity for the banking sector
Woo, in a note today (Jan 16), said Banks need to fulfil the following cybersecurity requirements so they can shield their services and protect customers from threat actors:
Visibility: Mobile services, Internet of Things (IoT), and cloud deployments have created a complex banking landscape that demands complete oversight of all their environments to stay ahead of data breaches and cyberattacks.
Security automation: Integrating automated processes and ‘policy as code’ measures can take routine work off security teams’ hands, including reinforcing devices and monitoring the network. Policy as code is an approach where policies are written, updated and enforced using code.
Automation and operational efficiency: Modern cybersecurity demands integrated solutions that can automate tasks, reducing the need for manual configurations and constant monitoring. Implementing ‘policy as code’ can further streamline this process.
Flexibility: Having an adaptable security infrastructure is crucial for banks to enforce policies consistently across on-premises and multi-cloud architectures. They can also configure security solutions and practices to ensure robust protection even as infrastructure changes.
Compliance reporting: With central banks emphasising cyber resilience, security teams must balance adhering to these regulations and proactively defending against cyberthreats. Utilising policy as code can also help ensure compliance by codifying and automating policy checks.
Leveraging necessary change to maximise business outcomes
“Banks and other financial institutions are constantly juggling between meeting customers’ expectations and complying with a litany of data privacy and security regulations. Traditionally, each bank department is powered by separate systems to meet their distinct roles and responsibilities. The problem with this setup is that it leads to an increased risk of attacks, data breaches, and regulatory violations,” Woo said.
As banks continue to adopt new technologies to enhance their services, networking and security solutions should be implemented in tandem to better protect their ever-expanding infrastructure. This way, teams can leverage advanced defence capabilities and automation to respond to attacks.
Besides that, banks should also install software-as-a-service (SaaS) solutions that scale protection capabilities across network components. These include endpoint devices, IoT machines, and cloud services.
Thanks to increasing digitalisation, banks need to keep up with cybersecurity innovations to safeguard their customers and operations. Those who fail to build a strong cybersecurity infrastructure will lose customers and be subjected to ruinous fines and penalties. However, those who go on the front foot will find themselves reaping the rewards of improved customer trust and increased cyber resilience, Woo added.
