Digitization has changed the world as we see it. It has become a win-win situation for customers and BFSI institutions, because it offers convenience to the former and cost effectiveness and scalability to the latter. Because of this scalability, a large number of users are added each day, reaching mammoth proportions on some of the platforms. This, however, has exposed the industry to new vulnerabilities. Because digital barriers exist in a virtual medium, a small compromise in the systems can lead to larger ramifications, as in the examples below.
In 2016-2017, global incidents exposed a large security gap in the industry. Unfortunately, there are no patterns in these compromises, and cyber-crime experts are required to shield the humongous volume of data in the digital domain. We need more investment in people, technology, and processes to mitigate the growing threats and vulnerabilities.
A few examples of attacks that targeted the BFSI industry in 2016-2017 are mentioned below:
1. An ATM attack happened in October 2016 due to the presence of ATM-specific malware in the systems of one of the well-known Payments Service Providers.
2. The WannaCry ransomware attack occurred in May 2017, exploiting a vulnerability in the Microsoft SMB protocol. This created havoc for the BFSI sector, despite the fact that Microsoft had released patches one month before the attack occurred.
3. The Petya ransomware attack occurred in June 2017, again exploiting a Microsoft SMB vulnerability.
4. Hacking of ATMs occurred in June 2017, due to the Chinese malware Rufus exploiting ATMs running on the Windows XP operating system. Microsoft had not released patches for it for the last few years.
These events highlight system vulnerabilities and show the increasing threat that the industry faces, both users and vendors. There is thus a need for more Cyber Security Experts in the BFSI sector, and this need is constantly increasing. The industry needs to come forward and invest more in training with an intelligence-based approach to cybersecurity, to mitigate the shortage of skilled talent.
In general, FIs follow common defensive measures, which include technology for monitoring and detecting intrusions or abnormal behavior. This approach, however, does not cover newer threats such as third-party vulnerabilities, insider attacks, geopolitical risks and other emerging attacks.
So, in addition to investment in security products, the BFSI industry requires talent with a new mindset and new skills in the form of Cyber Security experts. These experts will help organizations in:
1. Identifying potential threats via research, so that action can be taken proactively.
2. Validating historical data and other information about threats and finding their relevance to the organization.
3. Preventing the impact of future attacks or incidents.
4. Providing the information required to make critical and strategic business decisions.
5. Providing training and timely information to internal and external stakeholders.
Cybersecurity needs to be integrated with business—which includes services, products, digital investments, technology, processes and people for the successful growth and profit of the business. Failure to integrate this critical function will expose an organization to high risk in the long term.
Over the past few years, the demand for cyber security professionals has grown at a faster pace. There is a talent lacuna in the market, and this can be seized as an opportunity by career aspirants.
Various Cyber Security Certification courses needed by the industry are available online. These range from basic to advanced levels. Some suggested courses are:
1. Certified Ethical Hacker (CEH)
2. Global Information Assurance Certification (GIAC)
3. Certified Information Systems Security Professional (CISSP)
4. Systems Security Certified Practitioner (SSCP)
5. Certified Information Systems Auditor (CISA)
This is a field that is going to continue to grow. It is both challenging and well paying, and it can open the doors to an exciting global career.