Cyber Security in Banking 4 trends to watch in 2017
SUBMIT YOUR CV WITH US

LATEST
NEWS

SEARCH VACANCIES

SEARCH

FEATURED NEWS

Cyber Security in Banking 4 trends to watch in 2017
09 Feb 2017

Cyber Security in Banking 4 trends to watch in 2017

Cybersecurity consistently dominates headlines, where attacks are becoming increasingly sophisticated, frequent and ambitious. From last year’s Democratic Party email leaks to the huge data breach at Yahoo, it appears no one – and no industry – is completely safe from the threat of cybercrime.

Cyber Secruity is a global concern, and is causing particular concern in Asia. In 2016, Japan witnessed its largest banking hack; 14,000 ATM cash withdrawals and ¥1.8bn / $18m SGD. It is no secret that the frequency of sophisticated cyber-attacks on the banking sector has increased. Across the APAC region, the financial sector has been hit hard. There were a number of high-profile incidents in 2016 including the Bitfinex bitcoin exchange hack in Hong Kong and the Bangladesh Central Bank heist. “$81.3bn SGDRevenues lost to cyber-attacks in the Asia-Pacific region in the 12 months; of a global total of $315bn SGD.”[1]. Across 2016, large scale heists took place in Taiwan, Malaysia and Thailand.

Cybersecurity standards and protocols have been set up across the region, yet it remains vulnerable to attacks. With the increasing frequency of sophisticated attacks the industry is in urgent need of robust, comprehensive cyber-security programs, supported by rigorous levels of governance, risk and compliance, to avoid becoming victims of an attack.

35% of all cyber-attacks are targeted towards the banking community making it an industry priority to optimise cyber resilience and enhance incident response preparedness to protect data and mitigate risks associated with money laundering and fraud.

Below are 4 cybersecurity trends we expect to see in Banking across the APAC in 2017:

1. Chief Cybercrime Officer

Many banking institutions are beginning to appreciate the gravity of the situation and are looking for some way (or someone) to tackle the issue of cybersecurity head-on.

As such, a new role of Chief Cybercrime Officer (CCO) has already been advertised by many within the industry where banks are looking to appoint senior staff with daily responsibility for protection against cyberattacks.

The CCO role will be task tasked with, ensuring the company is “cyber-ready”, taking responsibility for preventing breaches and taking the lead to manage problems and provide a vital link between the board members and the rest of the company.

2. Third-party vendor security

A business might have the right security systems and policies in place to protect itself from a cyberattack, but does its third-party providers and supply chain have that same level of security and diligence? If the answer is ‘no’, there is another vulnerability for the business and its customers, who could find themselves victims of a cyberattack.

One such example; SWIFT had been a trusted provider within the international banking industry. If you received a SWIFT message, you could be confident it was a legitimate transfer. But that was before hackers used malware to take control of SWIFT’s messaging app and send fraudulent SWIFT messages. This led to the theft of $81 million SGD from Bangladesh’s central bank.

In 2017 Banks need to make third-party risk management a priority if they are to avoid similar attacks. They must find their weaknesses and tighten policies, to prevent sub-standard security measures and systems providing the gateway for major exposures.

3. The growing threat; Ransomware

2017 will see a further rise in Ransomware which often offers hackers a simple and lucrative way to make fast money. For the organizations affected, it means not just a ransom payment, but also the loss of operations, employee unease and severe brand damage.

According to Trend Micro, Ransomware is predicted to grow by 25% in 2017[2]. Over the coming year, we will see attacks becoming more targeted and spreading into IoT devices, PoS systems, and ATMs.

By encrypting data, hackers are able to demand huge sums of money from organizations. It has become a threat that many banks have to suffer in silence; if customers were alerted to the fact that a firm was infected with Ransomware, the damage to the brand would be irreparable.

4. IT security skills shortage

The reality is that cyberattacks far outpace cyber-defense due to the clear shortfall in the cybersecurity workforce. There are currently more than one million cybersecurity job vacancies around the world. However, until that skills shortage is filled, the banking sector (and many others) will struggle to manage cybersecurity risks.   

According to a report by Intel Security, 82% of the IT decision-makers believe there is a shortage of cybersecurity skills within their organization with 71% of respondents agreeing that this shortage is doing their businesses ‘direct and measurable damage’.[3]

 

The Cyber Security recruitment solution

For the banking sector to overcome these barriers, 2017 needs to be a year of innovative solutions and a new approach to how we build the cybersecurity workforce. Hiring talent on a temporary basis is often the only route available for under-staffed security teams. That’s why the CISO-as-a-service or virtual CISO model is taking off and we expect it to grow further throughout the year[4].

Hot hiring trends within cyber security: 

  • Security Director/ Manager
  • Cyber Risk Manager
  • Security Architect
  • Information Assurance Manager
  • CISO/ CSO
  • SOC Director/ Manager
  • Forensics Investigator
  • IT Audit
  • Penetration Tester
  • Cloud Security

 

Salary Trends 2017:

Technology Risk

Years

Risk & Control

Governance Risk

Associate

0 - 3

$54,000 - $60,000

$48,000 - $60,000

Analyst/Manager

3-6

$60,000 - $80,000

$65,000 - $75,000

AVP/SrAVP

5-10

$80,000 - $150,000

$80,000 - $130,000

VP

8-15

$160,000 - $180,000

$140,000 - $170,000

SVP/Director

15<

$180,000 - $220,000

$175,000 - $190,000

If you’re interested in any specific additional data to support your business needs, or should you require specific information on general market trends, look into strategizing the position of the IT Security team internally or looking to have discussion on partnering with our team to enhance your Cyber Security mandates get in touch: Ishan.Daniel@selbyjennings.com.

Please note that the above salary surveys cover a significant proportion of the market, within vastly different organisations, taking into account different levels of seniority.

 

Sources:

[1] https://www.ft.com/content/38e49534-57bb-11e6-9f70-badea1b336d4

[2] http://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2017

[3] http://www.mcafee.com/us/resources/reports/rp-hacking-skills-shortage.pdf

[4] https://sentinelone.com/blogs/the-most-devastating-cyber-attacks-on-banks/

NEWS ARCHIVE
INDUSTRY NEWS: Fast Asia Open: Singapore GDP, Swift Rmb payments https://t.co/1KmxPqtcFb

SUBMIT YOUR CV

Contact us to find out more or submit your CV

(Please upload either Word or PDF format only)

Receive job and company updates by email from Phaidon International.