
5 Ways The Financial Services Industry Can Protect Data And Customers In A New Digital World

by Reuben Koh, Security Technology and Strategy Director

The Asia Pacific (APAC) region has evolved to become a powerhouse of global economic growth. While such growth is certain to continue – Asia is predicted to account for over half of global GDP by 2030 – the challenges confronting this growth will inevitably become more complex.

In line with this economic growth, the financial services industry in APAC has experienced rapid changes and disruptions over the years. Macroeconomic uncertainty and geopolitical disruption have upended a period of relative stability, and the sector is currently undergoing increasing volatility that will impact long-term growth.

However, there is hope – McKinsey’s Global Banking Review sees digital and technological resilience as one of four pillars that can help turn the tide in the future. Specifically, the report warns that while cyberattacks and their related disruptions remain a serious risk, the best banks have a well-protected and future-proof technology infrastructure, as well as superior data security.

It is important to note that cyber-attacks in the financial services sector are becoming more frequent, and more challenging for defenders to deal with, by the day – particularly as institutions expand their use of platforms and technologies, inevitably increasing their exposure to new cyber threats.

A recent survey by Akamai revealed that 33% of APAC cyber leaders felt a high risk tolerance is standing in the way of increased investment in cyber security, while 57% said senior leadership doesn’t believe the risk of cyber-attacks justifies the cost of additional security investments. Cyber leaders are under more pressure than ever to keep up with new potential threats – yet many feel that their organizations are increasingly willing to take risks in this race to drive profitability.

Increasing volume, variety, and complexity of cyber-attacks in finance
Research from Akamai’s 2022 State of the Internet report revealed that financial services organizations continue to be the biggest targets of cyber-attacks like phishing and ransomware. Businesses in APAC experienced a massive 449% surge in web application and API-related attacks in 2022, and Akamai research identified finance as the most targeted vertical in APAC for such attacks.

While the cybersecurity industry has responded with a wealth of anti-fraud solutions, threat actors are also stepping up their use of technology by using advanced ransomware, bots, scripts, and other new automation tools to conduct reconnaissance, test for vulnerabilities, and deliver attacks at scale.

Malware-as-a-service also makes these tools readily available, driving a spike in attacks across the world. Akamai’s research saw an 81% increase in bot activities linked to account takeover and web scraping-related attacks in 2022. Even phishing and social engineering techniques are getting more convincing, thanks to accessible generative artificial intelligence tools like ChatGPT. Fake websites that impersonate financial institutions to lure unsuspecting victims into phishing campaigns are also now easily available in the form of custom phishing toolkits for sale.

As the digitalization push continues in finance, organizations now find themselves having to constantly stay on top of all the evolving trends in cybersecurity – on top of grappling with challenges around customer privacy, data security, and regulatory compliance.

Unfortunately, many companies are not ready for these challenges – Akamai’s research shows that only 41% of CISOs in APAC were confident of mitigating a ransomware attack attempt and that 33% lack sufficient resources to implement new security controls. What can financial institutions do to better secure themselves in this new digital landscape?

How financial services organizations can improve their cybersecurity posture
Financial institutions should focus on sound, basic cyber practices to ensure security in today’s digital landscape. While new innovations, like artificial intelligence and machine learning, can help improve security, most of an organization’s cyber defence can be effectively implemented with basic practices. Here are five ways financial services organizations can build a strong cybersecurity posture:

  1. Ensure that contingency and response plans are in place and updated
    Threats today are numerous, diverse, and widespread. Vulnerabilities discovered and disclosed by cybersecurity experts are often exploited by attackers within 24 hours.

    Having contingency and response plans is essential to mitigating these threats, but these plans will be ineffective if they are not updated regularly. Organizations must ensure their incident response playbooks are updated and able to address the evolving techniques of today’s cybersecurity threats – be it ransomware, DDoS, malicious bots, or API and phishing attacks.

  2. Understand the industry’s ever-expanding attack surface amidst continuous digitalization
    Financial services organizations’ attack surfaces are continuously expanding as they add more systems, APIs, and data to fuel digital innovation. Financial institutions must take stock of their growth and assess their attack surfaces and risk exposures – a key practice in devising mitigation and response plans.

    For example, companies should regularly work to discover and catalogue APIs across the enterprise and conduct vulnerability testing and risk assessments of each one. These discovery and cataloguing exercises will give cybersecurity leaders insights on how and where to implement specialized API security tools and policies to safeguard against new risks.

  3. Ensure continuous reviews of risk
    Financial institutions must review and validate a business’s risk appetite and acceptance decisions in light of today’s constant and evolving threats. Businesses should often re-evaluate their risk models in terms of fraud management, customer-based threats, and account takeovers. Even the most sophisticated risk models will be irrelevant if they are not updated and trained to detect emerging threats – and the related trends behind them.

    It is also crucial for cyber leaders to help senior leaders and employees better understand these new threats so that they are aware of cybersecurity implications when they design new digital finance experiences and processes. Building a culture of cybersecurity and digital risk savviness in the organization will also help to improve the overall cyber resilience of the organization.

  4. Update phishing defences to combat more sophisticated techniques
    The financial services industry remains one of the top targets for phishing attacks. While many companies have basic anti-phishing defences across e-mail, these defences must be updated in light of today’s complex threat landscape and need to be expanded across all channels to be effective.

    Attackers today are using sophisticated techniques like multi-factor authentication (MFA) bypass to circumvent defences. Organizations must update their phishing defences based on how attackers exploit MFA vulnerabilities. Educating customers on new phishing techniques, fake phishing websites, and how to identify new cybersecurity risks is crucial to success. Organizations should also implement phishing-resistant MFA solutions for their employees that are based on the FIDO2/WebAuthn standard.

    It is also highly recommended that organizations adopt a zero-trust approach to better secure themselves and their customers against phishing, ransomware, and other threats. Under this approach, only least-privileged access is granted, after a rigorous verification process, and that access is then continuously monitored.

  5. Stay on top of evolving attack trends and engage with peers
    Financial services organizations can stay abreast of emerging threats by actively participating in cybersecurity community updates and discussions. This includes attending briefings by local authorities and computer emergency response teams or joining industry groups that collaborate on threat research.

    Financial institutions should also communicate with peers, cybersecurity experts, and partners – like telecommunication companies, technology vendors, and their digital supply chain – to better identify potential vulnerabilities wherever they may arise and to adapt their risk and security strategies accordingly.

    More importantly, cyber leaders should meet regularly with the C-suite, the board, and senior decision-makers to share insights on new cyber threats and the severity of growing risks faced by the finance industry. Communicating the impact of these risks and quantifying the resources needed to mitigate them will help cyber leaders get the buy-in and much-needed support from management so as to better defend against highly sophisticated cyber threats.
