John Worrall, Chief Marketing Officer of CyberArk Software
Securing an organisation today is no easy feat. According to PWC's research, the 10,000 respondents polled worldwide claimed that their organisations have boosted their IT security budgets by 24 percent this year. However, the number of security incidents detected this year was 38 percent more than that in 2014.
The survey results suggest the need for organisations to revamp their existing security strategies — which are usually focused perimeter defence — to combat the ever-changing cyber attacks. This is especially important for banks as a breach in a bank's security could lead to massive loss for both the bank and its customers
"Traditionally, banks would focus on defending their network perimeter by relying on firewalls and antivirus solutions to keep out cyber threats/criminals. While that has worked in the past, cyber criminals today could easily break through the perimeter security via phishing," said John Worrall, Chief Marketing Officer of CyberArk Software.
"According to our forensic work, 20 to 30 phishing emails is all it takes for an attacker to penetrate a bank's network. Once the victim opens the malicious email, the malware will be downloaded onto the device and it will start acquiring the victim's credentials, which can then be used to cripple the business or steal sensitive information," he explained.
To overcome this, Worrall advised Asian banks to assume that their network perimeter is not impregnable, and take on a "proactive and detective approach to security." One way of doing so is to secure privileged accounts. A privileged account allows administrators to deploy, configure, and operate systems or applications. Since these accounts provide the keys to control a bank's IT infrastructure, they are highly targeted by cyber criminals. According to CyberSheath's report, privileged accounts have been implicated in 100 percent of the cyber attack breaches in 2013.
Privileged account security should be a top priority as banks digitally transform themselves too, said Worrall. "Anything with an Internet Protocol (IP) address has a privileged account. So, as Asian banks leverage technology to be more efficient and to reduce costs, they are also becoming more vulnerable to cyber attacks as every piece of technology is a potential means of getting into the network."
When asked why Asian banks have not been focusing on securing privileged accounts when they are vital and could be easily compromised, Worrall reasoned that banks used to adopt a compliance-driven approach to security. "Banks used to rely on regulations to provide a benchmark as to how much to invest in security. This approach is insufficient today as regulations are unable to keep up with the attackers today — regulations take a long time to be updated, during which the nature of cyber attacks would have changed. This is why even businesses that are compliant to most of the regulations have been breached. Banks should thus think of what to invest to be more secure than what the regulations require."