Behind the Numbers: Decoding the 2023 Cybersecurity Landscape in BFSI

Swarnali Singha

The BFSI sector stands as the lifeblood of any economy. It holds the keys to our financial well being, making it a prime target for cybercriminals. 2023 witnessed a fascinating interplay between evolving threats and innovative countermeasures, shaping the cybersecurity landscape of the BFSI sector in profound ways.

The Rising Tide of Cyber Risks

Historically quick to adopt technological innovations, the BFSI sector faced new challenges as it swiftly transitioned to remote work and embraced cloud technologies. These changes expanded access points, introducing complexities to traditional security structures. According to CERT-In data, India’s financial sector encountered over 13 lakh cyber-attacks between January and October 2023, averaging around 4,400 attacks daily. The evolution of cyber threats has been rapid, shifting from basic distributed denial of service (DDoS) attacks to more sophisticated ransomware incidents. State-sponsored cyberattacks and the integration of artificial intelligence in cybercrimes have heightened the risks, potentially causing disruptions across the financial landscape.

2023 Security Incidents Managed by CERT-In,

• Phishing: 711 incidents
• Unauthorised Network Scanning/Probing: 4,39,431 incidents
• Vulnerable Services: 7,18,548 incidents
• Virus/Malicious code: 1,44,950 incidents
• Website Defacements: 9,820 incidents
• Website Intrusion Malware Propagation: 967 incidents
• Others: 5,679 incidents

Cybersecurity Trends and Vulnerabilities

Vulnerable services accounted for 54% of all attacks, providing entry into intranets and potentially allowing malware to traverse secured networks. Unauthorised network scanning, comprising 33% of attacks, poses a significant threat, while virus code transmission follows closely with 11% of attacks. The shift to remote work and digital services has increased internet exposures, necessitating a reevaluation of security structures.

Regulatory Measures for Cybersecurity in 2023

August 24, 2023-
Modification in cyber security and cyber resilience framework of Stock Exchanges, Clearing Corporations and Depositories.

August 29, 2023-
Guidelines for Market Infrastructure Institutions (MIIs) regarding cyber security and cyber resilience.

November 07, 2023-
Master Direction on Information Technology (IT) Governance, Risk, Controls and Assurance Practices.

Approach to Innovation in Cybersecurity

AI and Machine Learning (ML): BFSI institutions turned to AI-powered tools, employing anomaly detection and threat intelligence platforms to predict and preempt cyberattacks in real-time. The integration of AI marked a significant leap in the sector’s ability to proactively identify and respond to emerging threats.

Zero Trust Security:
Departing from traditional perimeter-based defenses, BFSI organizations adopted a “zero trust” architecture. This approach granted access based on the principle of least privilege and continuous verification, enhancing overall security posture.

Cybersecurity Mesh Architecture:
Recognizing the distributed nature of the threat landscape, banks embraced cybersecurity mesh architectures. These frameworks facilitated secure communication and data sharing across the BFSI ecosystem, ensuring a robust defense against cyber threats.

Also Read | Safeguarding the Future – Addressing emerging threats and the growing importance of cybersecurity in BFSI

The Human Factor

Security Awareness Training:
Mitigating human error became a focal point as BFSI entities prioritized equipping employees with knowledge of phishing scams, social engineering tactics and best practices for password hygiene. Employee awareness emerged as a critical component of the overall cybersecurity strategy.

Red Teaming and Penetration Testing:
Simulating real-world attack scenarios through red teaming and penetration testing helped identify vulnerabilities and weaknesses in security posture. This proactive approach enabled BFSI organizations to address potential issues before malicious actors could exploit them.

Cybersecurity Culture:
Fostering a culture of security awareness within organizations emerged as a key differentiator. When every member of the BFSI sector prioritizes cybersecurity, the collective defense against cyber threats becomes stronger.

The Art of Cybersecurity Decision-Making
A critical component of cybersecurity is making well-informed decisions. BFSI organizations are increasingly recognizing the need to adopt comprehensive solutions for assessing and managing their cyber risk posture. Solutions like Cyber Risk Posture Management (CRPM) are gaining prominence, providing a holistic view of an organization’s cybersecurity strengths and weaknesses.

As the BFSI sector embraces digital transformation, the need for robust cybersecurity measures has never been more critical. The evolving threat landscape requires continuous adaptation and the proactive regulatory measures introduced in 2023 signify a collective effort to secure financial systems. In the face of increasing cyber risks, collaboration between financial institutions, regulatory bodies and cybersecurity experts becomes paramount for building a resilient and secure financial ecosystem

Views expressed by Swarnali Singha, Co- founder & CBO, Zeron

"Exciting news! Elets Banking & Finance Post is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest insights!" Click here!

Elets The Banking and Finance Post Magazine has carved out a niche for itself in the crowded market with exclusive & unique content. Get in-depth insights on trend-setting innovations & transformation in the BFSI sector. Best offers for Print + Digital issues! Subscribe here➔

Get a chance to meet the Who's who of the Banking & Finance industry. Join Us for Upcoming Events and explore business opportunities. Like us on Facebook, connect with us on LinkedIn and follow us on Twitter, Instagram & Pinterest.