Why an Overhaul in Cyber Security Mindset is Crucial for Bankingby Vincent Fong January 8, 2019
In an increasingly connected world the need for a robust cyber-security in the banking sector is more important today than it has ever been.
While banks of the past defended themselves from malicious actors with better vaults, exploding dye packs and armed guards — banks of today face a very different breed of criminals.
A study conducted by Cisco indicated that In Asia Pacific, many companies receive up to 10,000 threats a day which equates 6 threats are received every minute.
Against the backdrop for the need of increased security, is also the need for digital transformation to meet the evolving expectation of consumers, which is often viewed as two opposing forces. Increased security often viewed as increased friction that affects the user experience.
In a trade mission hosted by TM ONE in collaboration with the Department for International Trade of British High Commissioner, the Fintech News Malaysia team was invited to a closed door session where we were joined by senior representatives from TM ONE, Digital Shadow and Trustonic to deep dive into the state of things in cyber security, banking and fintech.
Cyber Security is Not Just a Necessary Evil
Ben Cade CEO, Trustonics, expressed that cyber security should not just be viewed as a necessary evil — far from it, he feels we need to re-frame cyber security as a means of delivering faster and simpler experience to customers.
His views on the perception of cyber security holds water, a study conduced by Microsoft and Frost & Sullivan reveals that majority of their respondents sees cyber security only as a means to safeguard an organisation against malicious actors.
The limited scope in which we view security is often reflected in marketing messages by cyber security vendors and consultants who often tout potential economic losses and opportunity costs at the front and center of their messaging.
And who could blame them, saying 1/4 of every breach cost between US$1 million – US$2.4 million is definitely a compelling message that demands the attention of prospective customers.
Carol who leads the BFSI team for TM ONE observed that this frame of thinking is one of the factors that creates dissonances between the innovation team and cyber security team in bank.
She added that this could often lead to security features being an afterthought instead of being baked in into the product design to enable a seamless and secure experience for their customers.
Shifting Mindsets: Cyber Security as an Enabler
James Chappell, Founder and Chief Innovation Officer, Digital Shadows echos Ben’s views, he opines that the industry has got it wrong. He expressed that a prosperous digital economy can only happen when you are able to trust the services you use.
Trust is indeed a factor that is waning, in light of international bigtech firms like Facebook leaking 6.8 Million user’s private photos and Google’s data leak that is said to affect 500,000 users. Whereas back home Malaysia made international headlines which saw 46 million phone numbers leaked.
Incidents as such depletes user confidence is participating in digital economy, which is particularly true when it involves money. Take e-wallets for instance, despite an aggressive push from the industry, a study from VMWare reveals 46% of users in Malaysia felt insecure about security measures implemented by e-wallets.
In contrast 70% of them prefer more traditional channels of interbank transfers, which was attributed to their trust in the security of these systems.
Realising that security is a feature rather than a costs can do a great deal in improve the state of things, when an item is viewed as a cost investing it in seems secondary. However when it is viewed as an enabler to drive revenue or user acquisition, the budget owners are likely more inclined to invest into cyber security.
Mohd Rafiq, Head of Information Security TM ONE commented that the best kind of security are the ones that are invisible and transparent to the users. However achieving such seamless and secure experience requires for the cyber security team, product team and digital team to work cohesively together. Only when the cyber security team is involved with the entire product development cycle can they then understand and design cyber security with user experience in mind.
As we usher in this new year, let 2019 be the year in which the industry breaks away from this outdated of viewing cyber security. The best way to view cyber security is to think of like the brakes of a Formula One car, a mechanical marvel that’s not there to hinder the car but rather as an enabler that allows the very car to go as fast as it needs to without losing control.