Abstract: The article discusses the importance of cybersecurity in the modern financial sphere and the solutions to fight against ever-increasing number of cyber-attacks as well as their downsides. The reasons that make financial institutions more vulnerable to cyber attack have been given. The benefits and drawbacks of greater use of cloud computing and blockchains have been presented.
Keywords: Cybercrime, financial institutions, cybersecurity, cloud computing, blockchain, electronic banking
Nowadays, in our computerized world, new risks emerge every hour of every day. Connecting to the Internet opens up the possibility of a hacker targeting your organization. Cybercrime is becoming big business and cyber risk is a focus of organizations and governments globally. Monetary and reputational risks are high if organizations don’t have an appropriate cybersecurity plan.
Since financial institutions work with “real” money and process a huge amount of transactions, they attract the most advanced cyber criminals. Armed with modern technology, attackers have switched from “easy” prey (ordinary customers) to more complex but lucrative targets - financial service providers. The activities of attackers are often well organized and do not have national boundaries.
The IT infrastructure of modern companies includes many systems that are closely interconnected, and mobile devices are widely used for remote access and data exchange. This is how digital transformation makes financial institutions more vulnerable to typical and targeted attacks. Additionally, recent security research suggests that most companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data loss. To successfully fight against malicious intent, it’s imperative that companies make cybersecurity awareness, prevention and security best practices as a part of their culture. Statistically, the banking and financial services sector faces almost three times more cyber-attacks than any other industry. Maintaining high levels of IT security in banks and financial institutions is more important than ever before.
Today, in the year of 2020, the risks keep increasing. According to recent reports, COVID-19 is blamed for a 238% surge in targeted cybersecurity attacks of banks. Cyber criminals, who feed on chaos and uncertainty, have taken the crisis as an opportunity.
The rise of FinTech ”disruptors”, or innovative start-ups, such as Monzo and Revolut, have fuelled the adoption of various technologies by traditional banks, who are shifting strategies in an attempt to keep up. Among other trends, traditional banks are having to progressively outsource certain activities to minimize operational complexities. This is particularly necessary as consumers are demanding banking in real time, whereby they can track their financial activity and move money instantly.
This means, for example, embracing cloud-based software and infrastructure-as-a-service (SaaS and IaaS) applications to administer operations such as Customer Relationship Management or Human Resources. Not only does the cloud allow banks to more effectively manage and store sizeable datasets, but it also provides a more comprehensive analysis of the data amassed, while keeping costs to a minimum.
With greater use of cloud computing, we have since also witnessed a shift towards digitalization and alongside that, AI and machine learning. Both have been fundamental in conducting a more accurate and objective credit assessment of prospective borrowers as well as the risks posed by customer behavior, when deciding on insurance premiums. It has also revolutionized fraud detection, and advanced stock performance predictions.
Unfortunately, while these new technologies are transforming financial institutions for the better, they also expose the same institutions to potentially detrimental risks. For instance, as banks begin to entrust third-party service providers with core functions, the probability of an insider threat occurring escalates. Blockchain also has its drawbacks. This is due in part to the use of smart contracts or self-executing code that does not require manual intervention to complete financial transactions.
International practice gives us valuable guidance and a list of measures to improve cybersecurity on the Internet, adhering to a generally risk-based approach to information security. Applying the recommendations of the standard, apparently, will help financial organizations plan work to increase the level of information security of resources of computer systems connected to public networks. It should be noted that the first versions of cyber defense largely represent a fragmentary interpretation of traditional organizational and technical measures, often poorly systematized and incomplete, which is the main reason for their low prevalence.
To summarizе the above, active use of electronic banking in the banking business creates not only new general opportunities, but also general vulnerabilities, while forming a common responsibility. The creation of a cybersecurity system and the observance of a cybersecurity culture by all participants in information exchange in the context of the use of an electronic banking system are the key to customer confidence not only in a particular credit institution, but also in the entire banking system as a whole. The solutions are far from perfect, but the ongoing struggle to improve the cybersecurity of financial institutions must continue at all costs.
1.D. V. Romanchenko. Cybersecurity in the Russian banking sector and the experience of foreign countries // Economics and business: theory and practice. 2019. №6-2.
2. Cybersecurity of the financial sphere: report of the Bank of Russia dated October 10, 2019 [Electronic resource] URL: https://cbr.ru/Press/event/?id=3928
T. Ray.Cybersecurity in the Banking and Financial Services Sector – IoT Threats, Potential Solutions and Blockchain, 2018 [Digital Resource] URL: https://www.stoodnt.com/blog/cybersecurity-in-banking-financial-services/
S. Climer, M. Khan. Top 7 Cybersecurity Threats To Financial Services: A Cybersecurity Report, 2020. [Digital Resource] URL:https://gomindsight.com/insights/blog/7-cyber-security-threats-to-financial-services/
J. Malik, Cybersecurity in financial services, 19/03/2020 [Digital Resource] URL: https://www.globalbankingandfinance.com/cybersecurity-in-financial-services/