Financial sector needs to strengthen cyber defenses

QUEZON CITY, May 19 (PIA) -- Banks in the country have recognized the need to integrate technology in achieving business objectives according to the Philippine Banking Sector Outlook Survey published by the Bangko Sentral ng Pilipinas (BSP).

The respondent banks disclosed that they will prioritize the optimization of available technology and will leverage on financial technology for strategic efficiency in the next two years. Mindful of cyberthreats following the lockdown and remote working arrangements, more than half of the respondent banks are ‘prepared’ to handle and manage cyberthreats.

On the other hand, with the rise in local digital money transactions during the pandemic, it’s crucial for the financial sector to integrate security and improve their threat intelligence capabilities, according to cybersecurity company Kaspersky.

“For the large majority of cybercriminals, easy money is the prime motivator. And the financial sector is uniquely positioned to be a target of attacks regardless of season because it’s always where the money is,” Yeo Siang Tiong, General Manager for Southeast Asia, Kaspersky said.

The growth of digital financial services in the Philippines, like in other parts of the region, is creating new and heightened risks for both service users and service providers. In this case, technology will be the game-changer,” he added.

Furthermore, the restrictions also led to the use of digital payments and electronic money platforms skyrocketing in a short amount of time. The technological capabilities and operating models built to continue banking operations despite the lockdowns were considered vital pieces in ensuring business survival, maintaining controls and compliance, and increasing performance according to the cybersecurity company.

The Outlook Survey revealed that a high volume of rural and cooperative banks were determined to incorporate technology in their businesses. In 2020, respondent banks said they are now planning to use technology in banking services at 89.2% compared to 87.4% in 2019.

Considering that not all banks are prepared to handle cyber threats, securing the platform and the users hold as much value as innovation.

Last year, an American digital banking app was attacked by a hacker group called ShinyHunters that resulted in more than 7.5 million users’ personal information like names and social security numbers being posted publicly on hacking forums.

With almost half of organizations having difficulties finding the difference between real threats and false positives, security teams are left “flying blind” instead of properly prioritizing actionable threats. This opens an organization to unexpected attacks.

The cybersecurity company noted that investing in the most intelligent solutions is essential as they build their cyber defenses to better protect their customers and their businesses.

“Digital transformation always presents new challenges, especially for the financial sector. The Philippines is in the middle of a digital revolution where the use of online payment gateways and e-wallets is expected to expand… From a cybersecurity standpoint, threat intelligence is an advanced, specialized framework that the financial sector will significantly benefit from,” Yeo added.

In Kaspersky’s recent IT Security Economics Report, it was found that threat intelligence is considered an area of investment for 41% of enterprises and 39% of small and medium-sized businesses (SMBs) in response to a data breach.

Threat intelligence feeds play a vital role in keeping tabs on the cyberattacks that grow in both frequency and complexity to secure ongoing efforts for digital connectivity, identification, and payments infrastructure, up-to-the-minute. 

It can identify and analyze cyber threats targeting a business wherein it goes through piles of data to examine it, to spot real problems and deploy solutions specific to the discovered problem.

However, threat intelligence is not to be confused with threat data which is a list of possible threats. Threat intelligence is when IT specialists or sophisticated tools “read” threats and analyze them, and apply historical knowledge to know if a threat is real, and if it is, what to do about it.

“In Threat Intelligence Services, organizations are supplied with data feeds that cover phishing links and websites, and malicious objects that target Android and iOS platforms,” the cybersecurity company explained.

Since users most of the time access digital financial services through smartphones, banks can easily warn clients against ongoing cyberattack campaigns that usually involve phishing links on emails posing as the bank. This will also enable security teams to quickly launch an automated incident response and easily sift through which alerts must be escalated for further investigation and resolution.

There are three basic things on how threat intelligence can be useful:

1.     Prevent data loss - a well-structured cyber threat intelligence (CTI) program means your company can spot cyberthreats and keep data breaches from releasing sensitive information

2.     Provide direction on safety measures - by identifying and analyzing threats, CTI spots patterns used by hackers and helps businesses put security measures in place to safeguard against future attacks

3.     Inform others - hackers get smarter every day so cybersecurity experts share the tactics they’ve seen with the IT community to create a collective knowledge base to cybercrimes. (MAPA)


Source: Philippines Information Agency (

Post a Comment