Experts: Banks must prioritize enhancement of cybersecurity programs
Dubai-UAE: April 4, 2017 – Emirates Institute for Banking and Financial Studies (EIBFS), a regional leader in banking and finance education and training, hosted a workshop titled Cybersecurity in the UAE Banking Sector. Highlighting the growing cyber risks in the region, the conference drew more than 30 mid- to senior-level professionals from key areas of the UAE banking and financial services sector, including operations, risk management, quality audit and IT.
EIBFS convened cybersecurity specialists from prominent local and global consulting firms and financial establishments, including DarkMatter, BAE Systems, Kaspersky, Forcepoint and First Gulf Bank (FGB), to map the cyberthreat landscape in the region. Experts shared best practices for protecting the region’s banking IT infrastructure and suggested solutions to the challenges cybercrime presents.
Jamal Al Jassmi, General Manager of EIBFS, said: “As a leading banking and financial studies institute, we routinely collaborate with key industry players to understand the evolving trends in cyberthreats and cybersecurity as well as their implications for the financial services industry. In fact, 35 percent of all cyberattacks in the UAE target the banking community. Therefore, it is extremely important for our banks to raise their level of emergency response preparedness to protect data and mitigate risks so that they can guarantee maximum security for their individual and corporate customers and stakeholders.”
He added: “Bankers are interested in gaining deeper insight into crucial cybersecurity issues, such as data confidentiality and privacy, securing electronic payment gateways, and building shields against distributed denial of service (DDoS) attacks. Our main purpose in organizing this workshop was to highlight the most pressing challenges in this emerging field.”
During the workshop, experts strongly advised the attendees to prioritize the enhancement of their existing cybersecurity programs in the face of the sophisticated attacks that have taken place within the region’s banking sector lately.
Harshul Joshi, Senior Vice President of Cyber Governance, Risk and Compliance at DarkMatter, said: “As digitization in financial services and banking increases exponentially, cybersecurity resilience becomes an overarching requirement to sustain the development of the ecosystem.”
He added: “Institutions should be aware of their digital assets – where they are located, who has access to them, and who might look to compromise digital systems. Entities should then go about instituting an end-to-end cyber risk mitigation and management program that allows them a real-time view of their networks and transactions in order to identify any suspicious activity as quickly as possible and act against it.”
In closing, Joshi said: “Information exchange is a key tool in helping to lower the success of cyber incidents. Platforms such as EIBFS’s Cybersecurity in the UAE Banking Sector conference play a critical part in raising the level of awareness and best practice in this regard.”
According to Simon Goldsmith, Head of Sales of Cyber Security and Financial Crime at BAE Systems, “in the past criminal gangs physically attacked banks to steal the money of the bank and its customers – a very dangerous business. But with significant levels of cyber-attacks targeted at banks in the UAE it is clear criminal gangs have realized it’s less dangerous, less costly and potentially very lucrative to pay someone, who may not even be in the same country, to provide access to someone else’s money from the relative safety of a computer desk.
He further added: “With this threat in mind, our research found disconnects between responses of C-suites and IT departments of leading businesses in the UAE. These disconnects create intelligence gaps for attackers to exploit. For example, 60 to 70% of C-suite executives expect the severity and number of cyber-attacks to increase this year, yet only 40% of UAE C-suite executives plan to increase their allocation of time and existing resources on cyber security and defence this year – the lowest percentage across the eight countries surveyed.
“This might make sense if over half of the C-suite executives are correct when they claim they are very confident in their ability to prevent a cyber-attack – why spend more when you are already doing enough? However, with only 20% of their own IT departments agreeing with this level of confidence, concerns should rise that several banks in the UAE may need to improve their understanding of their levels of exposure to the threats facing their business.”
EIBFS collaborates with industry leaders, HR representatives and international institutions to provide industry-specific workshops and customized training programs for students as well as working professionals.