Cyber threats banks face in 2017

photo courtesy of iStockphoto

If there is anything 2016 taught us is that the financial services industry is in a perpetual state of red alert from information security threats with the Internet offering an unwelcoming channel for unwanted incursions.

Benn Alp, Security Solutions Architect, F5 NetworksAccording to Benn Alp (photo right), Security Solutions Architect at F5 Networks, in 2017 banks are rolling out more customer-facing channels and capabilities into online channels.

Not surprisingly this had the negative effect of attracting the cybercriminals and fraudsters leveraging sophisticated techniques to commit fraud and ultimately steal the customers’ money from their online bank accounts. Across Asia-Pacific, this is top of mind for financial institutions and will certainly be the top priority for security managers and security organizations within financial institutions in 2017.

Juni Yan, Managing Director for Hong Kong and Taiwan, F5 NetworksF5 Network’s Managing Director for Hong Kong and Taiwan, Juni Yan (photo right), predicts fraud, hacking and data breaches across digital channels will be the most serious challenges faced by banks and financial institutions in Hong Kong. He believes this is the reason why the Hong Kong Monetary Authority (HKMA) issued the Cybersecurity Fortification Initiative (CFI) in 2016.

According to the Hong Kong Police Force, a total of 33 fraud cases were reported by Hong Kong banks in the first half of 2016, resulting in losses of HK$53 million. This is a sharp contrast against 2016 when only 23 fraud cases and the loss was HK$26.8 million in the city.

Recognizing the technical and operational challenges of implementing the CFI, the Hong Kong Monetary Authority (HKMA) has opted for a phased implementation by calling forward initially XX licensed banks to get on with the program.

Yan believes that presents two significant challenges for the banks operating in the city.

“Firstly, the banks would need to figure out how they can organize themselves internally in order to address all these compliance requirements in the CFI. I think banks will need some time to decide who to be responsible, maintain, take ownership or drive certain project to make it happen,” she added.

She also warned of a potential shortage of information security service providers.

She explained that “banks in the same batch will likely compete for security resources in the market – there will be a sudden and high demand for security resources from different banks to address the CFI requirements all at the same time.”

Alp believed that beyond the skills and resources shortage, however, is a much more fundamental challenge for everyone in the industry – the underlying architecture that is the foundation of many existing financial systems.