Banks need to boost cybersecurity protocols to guard vs threats, attacks as clients shift online
FINANCIAL INSTITUTIONS need to continue boosting their guard against fraud and crimes as consumers shift towards online transactions amid the coronavirus pandemic, stakeholders said.
“With that surge of transactions, it is paramount to implement cybersecurity protocols to protect the institutions and most importantly, the customers,” Spark Perreras, chief executive officer and co-founder of financial technology firm PearlPay, said in a BusinessWorld Insights Forum on Friday.
Mr. Perreras said the vulnerability assessment penetration testing mandated by regulators is a vital point in cybersecurity as it is meant to gauge flaws in a system.
Meanwhile, Paolo del Puerto, chief marketing officer at cybersecurity platform Secuna, said lenders are not the only institutions that could be victimized by hackers, noting around 30 schools were hacked in June this year.
He also cited a study which showed it took firms about 206 days to detect a data breach.
Mr. Del Puerto said that to be safe against cyberthreats, it is important for institutions to go beyond time-sensitive assessments mandated by regulators.
He added that companies should develop better communication with stakeholders and be more receptive to feedback from users that may have experienced such attacks.
“Cybercriminals are attacking 24/7. You wouldn’t know when they would be able to exploit the vulnerability,” Mr. Del Puerto said.
For his part, Philip B. Casanova, principal for technology consulting at SGV & Co., said banks should approach cybersecurity as a governance issue and not just a technical issue.
“Banks and financial institutions would need to educate their employees and their customers about the risks…not believing everything they receive,” he said, calling this the “human firewall mentality.”
Businesses should also employ a “secure by design principle,” said Mr. Casanova, wherein cybersecurity is put forth in the early planning stage of a system.
If cybersecurity strategies are formulated earlier, businesses will also be able to reap economic benefits, he said.
“The cost to fix [a cybersecurity system] is 30 times more expensive [compared with] if you fix it during the early stages of the development life cycle,” he said.
The Bangko Sentral ng Pilipinas earlier urged lenders to have a “zero trust” cybersecurity system approach wherein resources are continuously authorized and verified through security protocols. These methods include biometric technologies and multi-factor authentication techniques. — L.W.T. Noble