FINANCIAL organisations needed to work with vendors and partners committed to cross-vendor openness and integration to bolster their efforts to thwart cybercrimes, according to cybersecurity company Fortinet.
Fortinet Field CISO - EMEA Ricardo Ferreira said that when vendors worked together across the threat landscape, the sum of their products was greater than the individual parts, thereby deepening their level of cyber protection.
“Digital acceleration is essential for competing in today’s financial marketplace. However, it doesn’t come without risk. First, ensure employees are trained and reskilled in the organisation’s technologies.
Second, share data with industry peers to learn best practices and identify potential issues. Transaction Monitoring Netherlands (TMNL) is an excellent example of transaction data sharing to mitigate Anti-Money Laundering (AML),” Ferreira said.
The firm said that the top three strategic areas outlined in the IDC Infobrief, sponsored by Fortinet, Accelerating Transformation Through Cybersecurity in Financial Services, highlighted the core priorities for financial institutions as Trust, Security, and Resilience.
It said that the question is, how can FSOs (financial service organisations) lead and win through innovation while ensuring that risks did not overwhelm a traditionally risk-averse industry?
According to Fortinet, many FSOs had begun adopting new digital business models to help them thrive in a digital-first economy. It said that these included prioritising investments in key areas such as data-driven security, legacy modernisation, and personalised and contextual customer experiences. “But for these business models to work, they will need to rely on data, analytics, and cloud platforms.”
Last week, South African Banking Risk Information Centre (SABRIC) urged bank customers and other consumers to follow sound identity management practices to mitigate the risk of identity theft and fraudulent applications.
It recommended that bank customers do not disclose personal information such as passwords and PINs when asked to do so by anyone via telephone, fax or even email, that they change their password regularly and never share them with anyone else, verify all requests for personal information and only provide it when there is a legitimate reason to do so and that they do not use the information that may have been compromised.
It said that they rather use other personal information that they have not used previously to confirm their identity in future.
This came after the information bureau TransUnion South Africa confirmed that N4aughtysecTU, a hacking group, obtained data belonging to the bureau through the misuse of an authorised client’s credentials. The personal information obtained could include names and ID numbers.
Over the past two years, South African companies have been reporting that they have been victims of cyber attacks and data breaches. Some of these breaches included the compromise of consumers’ personal information.
The Department of Justice recently announced that it was a victim of a cybercrime. In a separate incident, Debt-IN Consultants, a professional debt recovery solutions partner to many South African financial services institutions, announced in September last year that a ransomware attack by cyber criminals resulted in a significant data breach of consumer and employee personal information.
It is suspected that consumer and personal information of more than 1.4 million South Africans was compromised through the Debt-IN attack in April last year. The breach only came to light recently.
The global cost of online crime was around $6 trillion last year, when the world saw 50 percent more cyber-attacks per week on corporate networks than the year before.
BUSINESS REPORT ONLINE