The banking sector is expected to face rising fraud rates in 2021, reinforcing the need for a change in approach to cyber security that goes beyond the mere defence of the fixed network perimeter.
The widening of business perimeters in the COVID environment has increased the opportunity for fraudsters to exploit vulnerabilities well beyond the banking sector.
In their 2021 Top Ten European Business Predictions, Forrester predicted that fraud and data breaches in the banking sector would reach an all-time high in 2021:
“COVID-19 is a crisis for banks but an opportunity for fraudsters and hackers. In the UK, fraud rates rose by 33% across all financial products in April 2020. But worse is yet to come.[…] The banks will face breaches and fines as a result of naïve businesses that digitised with little regard for the EU General Data Protection Regulation (GDPR), the Payment Card Industry Data Security Standard (PCI DSS), anti-money laundering (AML), and know your customer (KYC), exposing data and compromising millions of accounts. Banks need to keep their fraud management up to date and adopt more machine-learning-based solutions to combat fraud in real-time.” (Source: Forrester)
David Harvey, VP Vendor Alliances at the Nuvias Group, commented on this area of increasing concern for the banking sector:
“Despite a significant increase it cyber security spend, the number of known breaches keeps increasing. In IT we are faced with a unique situation in which the economics of warfare are in the favour of the attacker not the defender, which is why cyber- criminality has evolved into a multi-billion industrial grade “business”.
It is a sad truth that the unplanned expansion of business perimeters due to COVID-19 has opened up potential breaches in cyber security that fraudsters have been quick to exploit. It also reinforces the fact that the traditional “castle and moat” approach to securing assets in a world where there are no longer static perimeters is obsolete.
The Cloud and location independence paradigm require a cyber security architecture that delivers visibility and continuous monitoring, contextual access and authentication, threat intelligence and analysis. Ideally businesses should be adopting a Zero Trust Architecture, or at least developing a transition roadmap to a Zero Trust Network as well as increasing user security awareness training. Channel Partners who move quickly to enable their customers to deliver a more robust security”.