Simplifying Complete Security

Banking Frontiers hosted a panel discussion on ‘Simplifying Complete Security’ to find and share a clear picture for the benefit of cooperative banks. Palo Alto Networks was the Knowledge Partner.

New threat vectors are emerging in the banking sector each day. CISOs & CSOs from the segment are hard at work battling newer cyberthreats. Whereas ransomware and trojans were earlier targeted at the bigger players, attackers have now turned their attention toward mid-size and cooperative banks. In this context, it was imperative to connect with experts from the sector and analyze the importance of cybersecurity and related issues.

Threats continue to plague the BFSI sector, especially as it involves money and monetary transactions. The threat landscape has also changed from simple hacks into the perimeter to sophisticated hacks such as ransomware and Trojans.

“It is a continuous game of cat and mouse, between the cyber attackers and the IT security personnel in the banking sector,” noted Satish Lele, CISO, Cosmos Bank.

Secondly, even as OEM partners launch new technologies, there are a lot of in-built variables. This means that though the bank upgrades its existing security application, the underlying technology is also changing at a fast pace. Hackers are exploiting these vulnerabilities.

Human emotions also impact IT security, said Sameer Gadve, CSO, TJSB Bank. “Human beings drive technology across organizations. Attackers take advantage of human emotions like fear, greed or ignorance to launch targeted attacks.”

There is a need for a cohesive partnership between the internal IT security specialists, the OEM vendors and strategic partners – this underlines the need for a horizontal and/or a vertical model.

Horizontal & vertical models

Santosh Mohile, Head, IT, SVC Cooperative Bank, pointed out the need for horizontal and vertical models. He shared: “Vertically, for specialized knowledge, we depend on the OEM partners for technology, and for the horizontal layer, we scout internal as well as external talent for our day-to-day operations including monitoring and alerts. Currently, in a bid to reduce manual dependency and fine-tune automation strategies, most banks are strengthening the horizontal layer.”

Besides developing the horizontal and the vertical stacks, rising demand for integration, automation and orchestration is forcing CISOs/CSOs to burn the midnight oil to determine which security functions should be built in-house and which should be outsourced.

In-house vs Outsourcing

Mapping security and identifying gaps and loopholes is serious business. Attackers are one step ahead of the defence – this has necessitated increased investment in SOCs, automation and optimization of technologies as well as resources.

According to Rohit Singh, CSO, Arihant Bank: “Everything cannot be done in-house. For instance, since it is very difficult to build SOC in-house, most CISOs outsource the service to OEM partners. The benefits of outsourcing are double – the bank automatically gets updated version of the technology and related services as signed in the SLAs.”

On the other hand, many banks are wary of the outsourced model due to the criticality of the information involved, and are opting for the hybrid model. The CISOs are spending IT budget dollars on training employees and obtaining certifications to protect critical infrastructure and applications, enabling them to be proactive rather than react to threat intelligence.

Need to be Proactive

There is a need for banks to leverage the larger ecosystem, which can help them mitigate and overcome big security challenges. Presently, IT security at most organizations, including large private sector banks, reacts to threats. But the increased number of threats from varying platforms calls for a proactive approach, the panelists asserted.

Atul Naik, CISO, Jalgaon Janata Sahakari Bank, acknowledged that the security teams at banks respond to threat alerts about 90% of the time. “Very few banks are actually working proactively to hunt threats in their environment. And that’s a bigger challenge, not only with cooperative banks but also with the larger banks.”

Each bank has 20-30 security solutions from different vendors, and these need to be integrated. “Orchestration and automation are the next logical steps after integration to develop a native building block to leverage the technologies. Many organizations may not have the necessary skillsets to proactively identify threats. OEMs can play a key role,” voiced Tarique Ansari, Lead, Solutions Architect Team, Palo Alto Networks.

Lele of Cosmos Bank proffered that at the CSO/CISO level, the priority is to identify future hacks and be prepared to tackle those. This involves a proactive strategy starting with mapping the skillsets of the IT security personnel, training in the latest technology and certifications, live threat detection and prognosis, and threat mitigation. But the most important strategy would be to identify the pillars of cybersecurity.

Pillars of cybersecurity

Cybersecurity at both levels – threat intelligence as well as new threats – has grown by leaps and bounds. CISOs/CSOs, along with solutions partners, are developing a framework for proactive prognosis. Also, with new technological developments at the infrastructure level such as AI, ML and IoT, the stakeholders have identified some key pillars of cybersecurity.

According to Lele, threat intelligence can be categorized into four domains, viz. strategic, technical, operational, and tactical. He explained: “The strategic intelligence has impact on a larger scale (for instance, financial impact of cyber activity or cybersecurity posture of any country). Technical domain enables expertise to identify the indicators of compromise; operational threat intelligence is actionable intelligence and tactical intelligence can be compared to precision used by military commandos.”

Ansari of Palo Alto Networks named 3 more key pillars of cybersecurity: people, process and technology. According to him, each bank should have competent resources with the right skillsets to battle rising cybercrimes. Urging the resources to keep an eye on the process and governance framework, he said: “The focus should be on best practices. Once you have the right product, right people and the right process, you can achieve your security outcome easily.”

Badrinath Kilambi provided a UCB perspective: “For small cooperative banks, the data infrastructure is the same. But there is a difference between the complexity of security appliance deployed in large banks vis-à-vis co-operative banks. In such a scenario, shared best practices go a long way. They not only help us identify complex threats, but also help us tie the right solution and the resource fit.”

The CISOs also opined that the pillars strengthen the bank’s resolve to meet RBI’s technology vision for cyber security for urban cooperative banks for 2020 and 2023. Their resolve is indeed strong, backed by the RBI mandate to train some board members in cyber security.

RBI Mandate & Compliance

The panelists stated that the RBI mandate asking the board members of an organization to train in cybersecurity is a welcome move. According to Mohile: “With the cyber security framework for UCBs in place, board also has responsibility towards compliance and governance. As a result, there are detailed roles and responsibilities defined for the board members.”

Atul Naik informed: “Before RBI guidelines (2019), IT security was handled by normal IT staff in corporates, but with the IT security vector rising each day, the board has realized the need to set up separate IT Security departments headed by a CISO or CSO.”

Satish Lele: “Recently we conducted a source code audit, which we never thought of before; next in line is a source code audit of the internal applications, which is critical.”

Connecting with the Board

The RBI mandate that board members be trained in cyber security is a boon. As a result, board members are asking specific questions on overall security posture, threat intelligence and proactive readiness to mitigate risks, etc.

One of the early steps taken by the board to meet the compliance requirement is to form a committee to oversee cybersecurity. The discussions are fruitful, pointed out the panelists, who argued that the development is a win-win situation for all.

“The board understands numbers, and we are able to provide figures in terms of incidents prevented or thwarted at source and the overall financial impact on an organization or the business as a whole,” said Gadve.

Mohile added: “With the committees in place, we are scaling greater heights in information security. Continuous monitoring and broader understanding at the board level enables us to continuously prepare the system and also draw lessons from incidents reported in the sector.” The CISOs asserted that the involvement of the board in drawing up info security policies has worked two-fold. First, the new security solutions have made the banks ambitious. “We have started a graded approach, and are implementing solutions needed to scale-up the ladder,” added Mohile.

Secondly, it is easy to convince the board to increase IT spends on security enhancements, especially post the global pandemic. “Now that they are equal stakeholders and understand the risk to business, it is easier to get projects approved by the board,” said Gadve.

In conclusion, it can be seen that with digital banking and online payments becoming the new norm, CISOs will have to keep developing their armor to safeguard their banks and their customers.

Copyright © Glocal Infomart Pvt Ltd. All rights reserved. Usage of content from website is subject to Terms and Conditions.