Effective and Impactful Banking Infrastructure Security & Defense – Curated Best Practices

It’s no secret that financial services have long been one of the most targeted industries for cyber attacks. Research shows that financial firms face as many as 300 times more attacks than businesses in other sectors. It’s easy to understand as the old saying goes, criminals rob banks because “that’s where the money is.” However, as banking has shifted to digital—both from the standpoint of customers accessing their accounts through digital channels, as well as financial institutions moving more of their IT infrastructure and business processes to the cloud—the risks have increased exponentially.

For banks & financial institutions, complete security means not only guarding against known threats but also preventing unknown dangers from getting through. As a standard practice, cybersecurity systems are updated regularly to guard against new threats and invasive methods as they are identified. But what if the biggest threat is something not yet thought of? How can security systems guard against a threat that does not exist today, but will be coming after your data tomorrow?

One way to address the same is anomaly detection, which flags anything outside the range of normal activity. It uses the rules-based capabilities of machine learning to create a final line of safety which, if missing, creates a vulnerability that can easily be exploited.

Building a Solid Security Perimeter

When it comes to protecting banks from attack, the first line of defence is simple in concept. Think of it as a wall that wraps around all environments and connection points to guard against any known, external threats. A strong perimeter defense must be updated continuously with all the latest information and defensive measures; tuned to changing threats.

Maintaining Security Inside the Wall

Maintaining security in a business environment is a continual trade-off between protection and accessibility. While a closed or nearly closed environment is good for security, it can be bad for business.

The zero trust model helps to maintain security while allowing for business as usual; it works like a security layer installed within the perimeter and around connection points, guarding against internal threats such as unintentional breaches and careless mistakes. With the shift to remote work, zero trust has become an even more important area of security consideration.

Developing a cloud-specific security strategy

Applying the same security strategy you used for on-premises systems to the cloud environment may not be a prudent approach. Instead, banks should establish new policies around what “good” cybersecurity looks like in the cloud. Whether migrating to a public cloud or building a private cloud, it’s important to focus on creating a solid, cloud-specific security strategy first.

Developing a Roadmap for Cybersecurity

The big challenge in cybersecurity, however, is the unknown. It requires enormous energy and thought into the emerging threat landscape and how it will evolve. The need to guard against current threats, which cannot be underestimated, must be balanced with careful and thorough preparation. This requires taking frequent inventory of tools and performing process analysis, as well as reviewing skills and organizational structures to identify what might become an area of risk.

Subramanian V
Chief Information Security Officer
IDBI Bank

Disclaimer: The views expressed in this feature article are of the author. This is not meant to be an advisory to purchase or invest in products, services or solutions of a particular type or, those promoted and sold by a particular company, their legal subsidiary in India or their channel partners. No warranty or any other liability is either expressed or implied.
Reproduction or Copying in part or whole is not permitted unless approved by author.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Sign Up for CXO Digital Pulse Newsletters

Sign Up for CXO Digital Pulse Newsletters to Download the Research Report

Sign Up for CXO Digital Pulse Newsletters to Download the Coffee Table Book

Sign Up for CXO Digital Pulse Newsletters to Download the Vision 2023 Research Report

Download 8 Key Insights for Manufacturing for 2023 Report

Sign Up for CISO Handbook 2023

Download India’s Cybersecurity Outlook 2023 Report