BFSI sector strengthening its defence and incident response systems

Rohan Vaidya, Regional Director – India at CyberArk

Organisations in India are still not aware of the dangers of supply chain attacks. And as the scale of digital initiatives increases, organisations in the country will mirror the global markets in terms of the kinds of risks they are exposed to, including software supply chain attacks. To understand more about the initiatives taken to thrive digital economy, Srajan Agarwal of Elets News Network (ENN) interacted with Rohan Vaidya, Regional Director – India at CyberArk.

As businesses thrive in a digital economy, how will adopting a privileged access-powered identity security approach to cyber defence help India?

As the scale of digital initiatives increases, cybercrime cases have correspondingly gone up exponentially. According to data from CERT-In, the number of cybersecurity incidents observed in 2021 was over 14 lakh. This is just the tip of the iceberg, since there are many cybersecurity incidents that go unreported. Considering India’s increasing digital strengths and a well-established and growing digital payment infrastructure ecosystem, India will remain in the cross hairs of global cybercrime hackers.

Today, state and local IT teams are tasked to protect an incredible variety and volume of sensitive information – from citizens’ health and human services information to financial, real estate, tax, and more. Agencies collect Personally Identifiable Information (PII) through citizen-facing apps and distributed locations,and must share it with other agencies to conduct business. Equally important is securing access to digital platforms used by government workers and third-party contractors to manage critical public infrastructure and services.

With CERT-In now mandating that all service providers, intermediaries, data center providers, corporates, and government organisations to report cyber incidents within six hours of their detection, every enterprise – private or public – has to ensure compliance.

To respond to threats rapidly, a privileged access protection approach can prove to be extremely effective in improving the overall cyber security posture. A privileged access security approach provides organisations with the ability to centrally secure an organisation’s most critical assets by vaulting and automatically rotating privileged accounts, credentials and secrets State and local agencies can benefit from privileged session isolation, which can protect against credential theft, contain attacks and stop lateral movement. Real-time session monitoring enables rapid detection of abnormal activity with remote session termination, immediately disrupting potential privileged access security attacks.

Also Read | Besides framework rethinking, BFSI sector needs advanced operating models: Dr Amitabh Rajan, Chairman, RBI Services Board

A privileged access management solution can automatically discover user and service accounts, secrets and other privileged credentials, and help organisations assess the size and magnitude of their privileged account security risks. It can also help detect malicious activities and implement automatic remediation specifically to prevent attacks from progressing to critical systems. State enterprises can thwart attacks in real-time by automatic suspension or termination of privileged sessions based on risk analysis.

Risk can be reduced by removing local admin rights from end-points while keeping users productive and limiting IT support costs. Privileged access management solutions can also be used for enforcing least privilege policies and secure remote vendor access to the most sensitive IT assets without the need for VPNs, agents or passwords. In an age of remote working, this can prove to be extremely significant.

Customer experience plays a crucial role in the banking industry. What should the comprehensive strategy be towards it?

Customer experience is the biggest differentiator for any bank. This is even more critical in the digital age where customers expect real-time updates, and the ability to access services from anywhere on any device. Today, customers are not simply satisfied with a great product or service, they also expect a great customer experience. In India, we have examples of several firms that have effectively used a combination of different technologies to improve customer experience. From WhatsApp banking to resolving customer queries instantly by using chatbots, Indian banks have come a long way. Banks hence must look at using every technology – from RPA to Blockchain to Cloud – to improve their overall customer experience.

How can the BFSI sector strengthen its defence and incident response systems to reduce security risk?

Increasingly, success in banking means keeping pace with evolving customer expectations: e.g., more mobile, cloud-based digital service options. Successful organisations will deepen customer engagement through personalised and flexible financial services, frequently relying on a broader ecosystem of vendors and partners. This will require the collection and sharing across applications of more personally identifiable information. Expanded ecosystems from in-house digital innovation initiatives and fintech partnerships mean more privileged users and applications, which in turn means a greater threat surface.

The attractiveness of the BFSI sector for hackers can be seen from the number of attacks in the industry. In India, the number of fraud cases (credit cards, debit cards and Internet banking) has increased dramatically from 58.61 crore in FY 19-20 to 63.40 crore in FY 20-21. As a country, India has also seen more banking fraud in the first half of 2021-22 than in the same period a year prior (Source: RBI’s Trend and Progress of Banking in India report).

This can be prevented by using privileged access management solutions. Privileged access is meant to allow less-constrained – but strictly-controlled access to systems that hold a bank’s crown jewels – customer as well assensitive and valuable organisational information. Privileged access can be given to system admins but also granted to applications. Now, more than ever, strong privileged access security is key to allowing banks to move with agility to capture new opportunities without jeopardising their brand or regulatory compliance.

Banking, lending and investment organisations require strong privileged access security to protect against growing external and internal threats to personal and proprietary information. Privileged access security solutions ensure that the BFSI sector has the ability to move with agility to capture new opportunities without jeopardising brand reputation or regulatory compliance.

To respond to threats rapidly and free IT to focus on the digital innovations that strengthen customer loyalty and capture new sources of revenue, privileged access security can help enterprises in the BFSI sector analyse end-to-end, privileged user and account behaviour to detect, alert and respond to critical credential threats. Real-time session monitoring enables rapid detection of abnormal activity and remote termination of sessions to disrupt potential malware attacks.

How does security debt work? How can it increase the odds of a breach while hampering effective cyber defence?

When security issues arenot addressed in time, it can cause a rise in cybersecurity debt – a type of technical debt which represents the future necessary costs to addressing security vulnerabilities that are accumulated — but not “paid down”— as new systems and applications were deployed.

Also Read | 5 ways Artificial Intelligence is reshaping the BFSI sector

When cybersecurity debt isn’t paid off promptly, “interest” can quickly build, making it difficult and costly to repair those shortcuts down the road. This debt has arisen also due to the improper management in securing access to sensitive data and assets, and a lack of Identity Security controls. Over time, cybersecurity debt can increase in proportion and lead to infrastructure or application vulnerabilities. This increases the probability of breaches.

A significant source of this cybersecurity debt stems from failure to protect sensitive assets and data from unauthorised access as identities are created and proliferate unchecked across the entire IT environment. If these digital identities go unmanaged and unsecured, they can represent significant cybersecurity risk.

The CyberArk 2022 identity security threat landscape report highlights that 68 per cent of non-humans or bots have access to sensitive data and assets and the average staff member has greater than 30 digital identities.

By enforcing the principle of least privilege, enterprises can ensure that people or machines only have the minimum levels of access required as per their roles or tasks. This prevents an escalation in privileges which presents a loophole that attackers leverage to carry out attacks using super-user and administrator privileges. A least privilege enforcement policy helps enterprises reduce the overall attack surface. This can be strengthened with a privileged access management solution, which can be used by enterprises to automatically discover and onboard privileged credentials and secrets used by human and non-human identities.

The Banking & Finance Post is an initiative of Elets Technomedia Pvt Ltd, existing since 2003.
Now, Elets' YouTube channel, a treasure of premier innovation-oriented knowledge-conferences and awards, is also active. To Subscribe Free, Click Here.

Get a chance to meet the Who's who of the NBFCs and Insurance industry. Join Us for Upcoming Events and explore business opportunities. Like us on Facebook, connect with us on LinkedIn and follow us on Twitter, Instagram & Pinterest.