Corner OfficeCXO BytesInterviews

New Age Cybersecurity for India’s BFSI Sector

Uday Chaudhari is Senior Director – Technology Innovations (Blockchain, Robotic Process Automation) at Synechron. He is an experienced technologist with a demonstrated history of working in the financial services industry and with a strong IT background in Software Development Life Cycle (SDLC), Agile Methodologies, Software Development, Service-Oriented Architecture (SOA), and Software Project Management. He has been associated with Synechron for over 16 years. He has completed his computer engineering at Savitribai Phule Pune University.

  1. What is the current state of the cyberthreat landscape across the banking industry? What are the new types of cyber fraud that financial institutions must work to combat?

In the digital age, cyberthreats are numerous and constantly evolving. Financial institutions must have the requisite security structure to protect against anything from common viruses and malware to large scale cyberattacks and hacking attempts.

As per Vmware, there was 238% surge in the cyberattacks targeting financial institutions. Some of the most frequently seen cyberattacks are phishing, ransomware attacks, data breaches, Distributed Denial-of-Service (DDoS) attacks, and attacks on mobile-based banking platforms, that target stealing customer information, asset and cryptocurrency theft. Also, the increasing black swan attacks worldwide is a reason to be prepared as these attacks are the most unexpected and unknowable.

While mobile banking and on-the-go transactions are rising in popularity, mobile phones are one of the least secure points of access. According to Nokia 2021 Threat Intelligence Report, there is an 80% year-on-year increase in the first half of the year in the number of new banking trojans, which also try to steal SMS messages containing one-time passwords. Financial institutions and banks thus must work to protect not just their own data but secure their platforms and apps on the user’s end as well.

2. Could you elaborate on the new developments in the cybersecurity field that are helping secure financial operations?

Ensuring the security of data, is a top priority for banks and financial institutions as one cyberattack can result in a loss of millions of dollars. A number of new technologies are being employed in the cybersecurity field with regard to banking and financial sector. One of them is tokenization, a fine-grained form of data protection that replaces sensitive data with a non-sensitive equivalent referred as token to secure the original. Owing to a steep surge of e-wallets and mobile banking in India, RBI has started using tokenization as a way to protect sensitive information in the online payment world. Moreover, AI based learning is the most promising aspect, which offers instant multi-parameter verification for all financial operations. Many new systems are employing deep machine learning techniques to identify patterns and signs from previous attacks and develop better defenses against future breaches. Intensive testing to identify potential vulnerabilities and remove them. End-to-end verification also has taken large leaps forward through embedded hardware authentication and blockchain based security. Additionally, banks working with external technology vendors should request for ISO certificates that will allow the banks to know if the vendor has a proper functioning controls environment.

3. How is Synechron’s PayTech accelerator aiding in strengthening BFSI sector’s security systems?

Synechron’s PayTech accelerator is aimed at helping banks seize new opportunities across the payments landscape and solve evolving technology challenges. It addresses key imperatives within retail and wholesale payment ecosystems with the help of five solutions – Buy Now, Pay Later (BNPL), ISO 20022 Simulator, Black Swan Fraud Prevention, Liquify Treasurers Portal, and Payments Data Platform.

In terms of cybersecurity, the PayTech accelerator program employs Black Swan Fraud Prevention – a real-time fraud prevention system built with an omni-channel and omni-bank framework. It offers constant monitoring across transaction and operation channels and intelligently identifies abnormal behavior to flag cyberattacks in their early stages. It can isolate suspect operations while keeping the system functioning as normal for other users, and thus greatly improving the system’s resistance to cyberattacks of any scale. By powering the SOC of the bank with intelligent kill switches, it enables multi-layer protection against dangerous cyberthreats like large scale cyberattacks, data bank breaches, or fraudulent transactions.

4. Explain the role of emerging technologies to monitor, analyse, and prevent from potential threats within the banking systems

The bar for digital security has been raised tremendously over the last decade. As potential cyberthreats grow, newer and more advanced technologies must be employed to combat them. At present, constant monitoring and adaptive systems are the need of the hour – which is being fulfilled through AI systems capable of machine learning and analysis in the face of threats. Apart from AI and Machine Learning, blockchain verification is another avenue with wide ranging application to ensure security of data. These emerging technologies are building the foundation of the next generation of smart, always-on cyber security solutions.

5. What are the cybersecurity trends that you hope to see in the coming years in the banking sector?

The financial tech sector is one of the most disruptive in the world, and its growth has also boosted the development of cybersecurity. As mobile and contactless banking become mainstream, the sector has become more vulnerable to cyberthreats and frauds. Over the coming years, we expect to see a bigger focus on cloud based security as more banks move towards a decentralized data model. Further, an emphasis on data privacy and mobile security will make the ongoing push for mobile banking services that much more effective and secure. It is expected to see increased reliability on advanced blockchain systems and AI for fraud prevention, and adoption of Zero trust architecture. New regulatory technologies (RegTech) will be implemented in 2022 to streamline and access large volumes of data and placing stricter cybersecutiry norms. We can also see introduction of Secure Access Service Edge (SASE) Solutions worldwide in 2022, the SASE network architecture will aid to protect essential assets while maintaining their functionality by combining multiple systems and connecting security solutions to obtain the best possible outcomes.

Leave a Response