Over the last decade, banks and financial services institutions have been adopting newer technologies and digital channels to increase footprints, revenue and reducing costs. This adoption has come with a backdrop of consumer preferences shifting towards digital products and services. The COVID-19 pandemic has dramatically accelerated the need for digital transformation in the BFSI section, from customers demanding digital no-contact services to bank employees working from home due to the health risks. But as the world struggles with the impacts of COVID-19, cybercriminals have mobilized. With their enormous stores of cash and consumer data, banks have always been a top target for hackers and cybercriminals.
The customer demand for digital banking has skyrocketed over the last quarter, and many first-time digital banking customer have been onboarded to digital platforms. Some of these customers might not necessarily be security-savvy. This is especially true for customers who have been forced to go digital, like the senior citizen demographic. With the emergence of a new wave of internet users from rural and semi-urban India, digital financial inclusion initiatives are most susceptible to data breaches that involve consumer frauds such as phishing and skimming.
The rapid shift to remote work has also opened new loopholes for cybercriminals. Many displaced workers lack secure equipment or protocols to maximize digital safety. With employees accessing corporate networks via personal devices, hackers are probing Wi-Fi configurations and VPN connections for vulnerabilities. Studies have linked the rise in cyber-crime directly to remote work, primarily because of the rushed nature of the transition. Even after organizations have successfully implemented remote work and employees have settled in to the new normal, cybersecurity remains a challenge. As more workloads and users move to cloud operations, accelerated by the current work-from-home requirements, cybersecurity resilience will evolve from a baseline performance requirement into a driver of competitive advantage.
Faced with increasing cybersecurity threats, what can organizations do to build cyber-immunity? Here are a few good starting points:
- Instead of repurposing the cybersecurity teams and budget cuts to save costs, allow them to do the work they are specialized for, and explore ways for them to safely work from the office since a lot of cybersecurity teams are not equipped to perform their jobs effectively from home.
- Educate users, employees, and customers alike, on the need to take personal responsibility for cybersecurity. There is an urgent need to educate users about cybersecurity, social engineering methods used by hackers, and what they as end users can do to protect themselves.
- Extent cybersecurity beyond to organization to include vendors and business partners. This can include security audits and education for contractors, vendors and 3rd party service providers while also re-evaluating their access to sensitive data and systems.
- To build and upgrade digital solutions, partner with technology providers that have a proven track record for building and deploying secure and successful digital solutions and platforms.
At Decimal, using our home-grown RAD platform Vahana, we are reimagining digital banking solutions with a laser-sharp focus on building secure and enriching user experiences to help banks and customers foster a fulfilling long-term relationship. Following are some of Vahana’s security features:
- All solution components are placed behind a firewall with no direct access
- Role-based user access to restrict system access to authorized users
- Built-in data encryption for data security
- All the Personal Identifiable Information (PII), can be masked and encrypted
- Aadhaar Data masking as per RBI and SEBI compliance requirements
- Fully compliant with OWASP 10.0 standards, the platform provides robust security & full data integrity, ensuring business data is always secure.
- Compliant with banking security policies in line with the highest security standards
- Periodic review of development practices with independent ISO certified 3rd party auditors