1

A REPORT ON

Paper No. M- 109

(Seminar on Contemporary Issues)

Titled

“CYBER SECURITY IN BANKING AND FINANCE SECTOR”

SUBMITTED BY: SUBMITTED TO:

MANSI BANSAL Prof. Dr. Jyotsna Mehta

ROLL NO. 62 PROFESSOR

S. S. JAIN SUBODH MANAGEMENT INSTITUTE

Jaipur, (Rajasthan)

2023-2024
 2

STUDENT’S DECLARATION

I Mansi Bansal MBA 1 Semester hereby declare that the report on paper no. M-109 (Seminar

on Contemporary Issues titled “Cyber Security In Banking and Finance Sector” submitted in

partial fulfillment of the requirements of MBA course, Semester I, subject M-109, is a report of

information collected by me under the guidance of Prof. Dr. Jyotsna Mehta.

The findings and results embodied in this report have not been submitted to any other University

or Institute for the award of any degree and diploma. It is my own original work and I alone am

responsible for its contents or for any mistake that may be reflected in it.

Name: MANSI BANSAL Roll no: 62

Date: 4-01-2024
 3

ACKNOWLEDGEMENTS

I would like to express gratitude to my guide Prof. Dr. Jyotsna Mehta, who guided and

supported me in my academic endeavor. I would also like to thank our Institute’s director Prof.

(Dr.) Raju Agrawal who has given the opportunity to undertake this academic effort.

The Institute has always supported us in carrying out research and the well-stocked library, the

excellent computer laboratory and supportive management and faculty, helped me in carrying out

my research and preparing the report. In the course of my research I learnt a multitude of technical

and report writing skills and developed a deeper perspective of the topic selected for research and

I am truly grateful for the learning.

Name: MANSI BANSAL Roll no: 62

Date: 4-01-2024
 4

TABLE OF CONTENT

TOPICS PAGE NO.

1 Introduction 5-6

2 Importance and need of cyber security

In banking and finance sector 7 - 13

3 Current state & trends of cyber security in banking 14 - 20

And finance sector

4 Cyber security Challenges and threats faced 21 - 28

By banks and financial institutions

5 Cyber security framework in banking and

Financial sector 28 - 36

6 Methods to make bank and financial sector

Cyber safe 37 - 38

7 Example of recent cyber crime 39 - 40

8 Conclusion 41

9 Bibliography 42
 5

INTRODUCTION

As we transition to a digital economy, cybersecurity in banking is becoming a serious concern. Utilizing

methods and procedures created to safeguard the data is essential for a successful digital revolution. The
effectiveness of cybersecurity in banks influences the safety of our Personally Identifiable Information (PII),
whether it be an unintentional breach or a well-planned cyberattack.

The stakes are high in the banking and financial industry since substantial financial sums are at risk and the
potential for significant economic upheaval if banks and other financial systems are compromised. With an
exponential increase in financial cybersecurity, there is high demand for the profession of cybersecurity.

The arrangement of technologies, protocols, and methods referred to as "cybersecurity" is meant to guard
against attacks, damage, malware, viruses, hacking, data theft, and unauthorized access to networks, devices,
programs, and data.

Protecting the user's assets is the primary goal of cybersecurity in banking. As more people become cashless,
additional acts or transactions go online. People conduct transactions using digital payment methods like debit
and credit cards, which must be protected by cybersecurity.
6
 7

IMPORTANCE AND NEED

The banking industry has prioritized cybersecurity highly. Building credibility and trust is the cornerstone of
banking, so it becomes much more essential. Here are five factors that demonstrate the significance of
cybersecurity in the banking industry and why you should care:
1. Everyone looks to be entirely cashless and using digital payment methods like debit and credit cards. In
this case, ensuring that the required cybersecurity safeguards are in place to protect your privacy and data
is critical.
2. After data breaches, it could be difficult to trust financial institutions. That's a significant issue for banks.
Data breaches caused by a shoddy cybersecurity solution may easily lead to their consumer base moving
their business elsewhere.
3. The majority of the time, when a bank's data is compromised, you lose time and money. Recovery from
the same can be unpleasant and time-consuming. It would entail canceling cards, reviewing statements,
and keeping a watchful lookout for issues.
4. Inappropriate use of your private information might be very harmful. Your data is sensitive and could
expose a lot of information that could be exploited against you, even if the cards are revoked and fraud is
swiftly dealt with.
5. Banks need to be more cautious than most other firms. That is the price for banks to retain the kind of
valuable personal data they do. If the bank's information is not safeguarded against risks from cybercrime,
it could be compromised.
 8

6.

Cyber security is not only restricted to IT organisations, it is important for every single
business. But, for banks, it holds important value. Banks deal in millions of transactions on a regular basis. Hence,
it is very important for banks to take protective security procedures to safeguard their data against cyber attacks.
Here are some reasons why cyber security is essential for banks:

Loss to Customers :-
When a bank confronts a cyber attack, it not only affects the bank’s status but also causes loss to its customer’s
assets. Normally, when a user loses money due to card fraud, it can be retrieved from the bank. But, in
circumstances like data infringement, it takes time to retrieve the funds, which is very worrying for customers.
 9

To keep customer’s data safe, every bank needs to execute cyber security methods that can safeguard their
customers’ data.

Bank’s Reputation :-

Data infringement is a crucial problem for banks, as it leads to losing users data. If the customers’ data of a bank
is breached, then it becomes hard for customers to have confidence in the bank. Data breaches generally happen
because of weak cyber security approaches.

Thus, it is required to have cyber security necessities for banks to evaluate the current security measures and
protect crucial data.

Digitization :-

As we know, nearly everything has been digitized now. From ordering products to making meetings and sending
money, we trust on various digital platforms. This makes it highly important for banks to advance their banking
functions utilized by customers, as hackers can swiftly access banking apps if proper cyber security methods are
not applied.

Consequences and Penalties for FDIC Non-Compliance :-

No bank wants to face penalties for non-compliance, as it could be tough to come out of it. Compliance standards
ask banks to take adequate cybersecurity measures to prevent cyber attacks. And if any bank doesn’t follow the
rules and become a victim of cyber threats in banks they need to face FDIC penalties.

Customer’s data is Sensitive :-

It is very hard for customers to handle data breaches knowing that their private information has been
compromised. Besides, even if the consumers block their cards, their personal information can be used by any
cybercriminal.
 10

Once a user’s personal information gets stolen, it becomes hard for banks to win their trust and bring them back.
Thus, it is advisable to plan ahead and take cybersecurity for banks seriously.

Enhances productivity :-

As technology evolves, cybercriminals are employing sophisticated ways to breach data.

Viruses negatively impact productivity by affecting networks, workflows, and functioning. The organization may
come to a standstill due to the firm’s downtime. With measures such as automated backups and improved
firewalls, firms can improve their productivity, making it one of the most promising cybersecurity benefits.

Assists the remote workspace :-

The remote working model has led employees working from different locations to access multiple remote models
for their workflows. It may be unsettling for organizations to circulate their sensitive data across the globe, where
cybercrimes can occur through IoT, Wi-Fi, and personal devices.

It is substantial for businesses to protect sensitive data as remote work has led to an increase in the average data
breach cost by $137,000.

Sensitive data, strategies, and analytics are always vulnerable to being hacked and leaked. However, cyber
security serves as a secure centre to store data and can also protect home Wi-Fi from tracking users’ data.

Regulation compliance :-

Regulatory bodies such as HIPAA, SOC, PCI, DSS and GDPR play a substantial role in protecting individual
users and organizations. Failure to comply with these regulations attracts heavy penalties.
 11

Improves cyber posture :-

Cybersecurity provides organizations with comprehensive digital protection giving employees flexibility, liberty,
and safety to access the internet.

Sophisticated cyber security technology tracks all systems in real-time on a single dashboard with one click. This
strategy allows businesses to act and respond in the event of a cyber-attack with automation for smoother
operations, strengthening cybersecurity protocols against threats.

Better data management :-

Data forms the crux of marketing and product strategies. Losing it to hackers or competitors may result in laying
the groundwork from scratch, giving a competitive edge to other companies.

Hence, to ensure that data security regulations are implemented perfectly, organizations must consistently
monitor their data. In addition to security, cybersecurity assists in operational efficiency as well.

Helps educate and train the workforce :-

You can add a layer of safety to your organization’s daily operations by educating the workforce about potential
risks such as ransomware, data breaches, spyware, and more.

The employees will be less vulnerable to phishing attacks and know the right course of action in case anything
goes wrong.

Helps maintain trust and credibility :-

 12

Cyber security helps lay the foundation of trust and credibility amongst customers and investors. Breaches impact
the reputation of an organization resulting in a dwindling audience base drastically. In contrast, the customer base
increases when the organization has a history of safeguarding business and customer data.

Streamline access control :-

Organizations feel under control of all the tasks by controlling the internal and external processes.

Companies can focus on other meaningful tasks enabling them to establish accountability for strategic
management. Access to systems, computers, and resources is streamlined, hence reducing cybercrime threats.

Supports the IT team :-

Cyber-attacks attract fines from regulators and customers’ claims, resulting in low sales and revenue, affecting
crucial aspects of continuity. Additionally, cybercrimes can halt daily operations.

With the advancement of technology, sophisticated hacking practices have evolved. The IT team should stay up
to date with the rapidly evolving changes in cyberspace.

A skilled IT team equipped with tools, techniques, and assistance, as well as comprehensive knowledge, can
skillfully handle even the most advanced cybercrime.

Importance of Cyber Security for Students :-

Cyber security is important for students because they often target cyber attacks. In a recent case, a group of
students from a college in the United States was targeted by hackers who gained access to their personal
 13

information, including their Social Security numbers and credit card information. The hackers then used this
information to fraudulently charge thousands of dollars to the students' credit cards. The students were left
with massive debt and had to spend months repairing their credit. This case highlights the importance of cyber
security for students, who are often the victims of cybercrime.

If a student's personal information is stolen in a cyber attack, it could be used to commit identity theft. It could
ruin the student's credit, making it difficult for the student to get loans for college or a car. In extreme cases,
identity theft can even lead to jail.

Importance of Cyber Security in Business / Organizations :-

The importance of Cyber Security for businesses and organizations can be seen in the case of the target data
breach. In this case, hackers were able to gain access to the target's customer data, including credit and debit
card information. It led to target having to pay out millions of dollars in damages and losing customer trust.
Target's data breach is just one example of how cyber security is important for businesses and organizations.

Another data breach example would be the WannaCry ransomware attack, which targeted businesses and
organizations worldwide. This attack resulted in the loss of data and money for many organizations, and some
were even forced to shut down.

certified Ethical Hacking courses for individuals to work towards protecting data from breaches and
malware. You can take this course and understand in detail about cyber security.
 14

CURRENT STATE & TRENDS OF CYBER SECURITY

Between June 2018 and March 2022, Indian banks reported 248 successful data breaches by hackers and
criminals; the government notified Parliament on Aug 2, 2022.

The Indian government has reported 11,60,000 cyber-attacks in 2022. It is estimated to be three times more
than in 2019. India has been the target of serious cyberattacks, such as the phishing attempt that nearly
resulted in a $171 million fraudulent transaction in 2016 against the Union Bank of India.

Another instance of a cyberattack involving online banking was Union Bank of India, resulting in a substantial
loss. One of the officials fell for the phishing email and clicked on a dubious link, which allowed the malware
to hack the system. The attackers entered the system using fake RBI IDs.

Banks have been mandated to strengthen their IT risk governance framework, which includes a mandate for
their Chief Information Security Officer to play a proactive role in addition to the Board and the Board's IT
committee playing a proactive role in ensuring compliance with the necessary standards.

Cyberattacks are becoming more frequent, and they’re costing companies more as well. The average cost of a data
breach for a U.S. company in 2022 was $9.44 million, up from $9.05 million the previous year. As the financial
services sector grows more digitized and the volume of electronic transactions surges, the industry is even more
susceptible to cyber-based perils.

In 2023, 10 cybersecurity hazards in particular could cause significant disruption, but financial services companies
can implement specific, proactive cybersecurity strategies to mitigate risk.

The market for IT security in banking has maintained its rapid growth in 2023. Since financial institutions are
primary attack targets, investments in protection continue to scale. The market value reached $38.72 billion in
2021, and projections see a compound growth rate of 22.4% and a value of $195.5 billion by 2029.

A big part of such growth figures relates to the increase in cybercriminal activity. The volume of fraud attacks
follows an upward trajectory, with cyber inсidents almost tripling the reported accounts in 2013. Bad actors are
 15

taking more malicious actions, likely due to the digitization of more bank services. As transactions go online,
cybercrime attempts have increased in kind.

In addition, the threats themselves are becoming more advanced. Attacks range from attempts
on web-based services to strategies on the transaction systems themselves. Organized groups and insiders are
using novel tech (e.g. machine learning) to gain access to banking assets.

Of course, this has led the financial sector to demand heightened regulatory and compliance
measures. Consumers want banks to protect their data and assets. So bank cybersecurity now must secure all
networks, storage facilities, apps, and devices. Risk management for digital services is now a crucial aspect of
the banking experience.

Banks have taken steps to address this. Collaboration is the name of the game, as data sharing and integrated
prevention tools help strengthen the industry. Public-private partnerships, consumer education, and combined
efforts with cybersecurity service providers will shape the future of cybersecurity in banking.

Here are the top cybersecurity trends for 2023 :-

1. Rise of Automotive Hacking :-

Modern vehicles nowadays come packed with automated software creating seamless connectivity for drivers in
cruise control, engine timing, door lock, airbags and advanced systems for driver assistance. These vehicles use
Bluetooth and WiFi technologies to communicate that also opens them to several vulnerabilities or threats from
hackers. Gaining control of the vehicle or using microphones for eavesdropping is expected to rise in 2023 with
more use of automated vehicles. Self-driving or autonomous vehicles use an even further complex mechanism
that requires strict cybersecurity measures.

2. Potential of Artificial Intelligence (AI) :-

With AI being introduced in all market segments, this technology with a combination of machine learning has
brought tremendous changes in cybersecurity. AI has been paramount in building automated security systems,
natural language processing, face detection, and automatic threat detection. Although, it is also being used to
 16

develop smart malware and attacks to bypass the latest security protocols in controlling data. AI-enabled threat
detection systems can predict new attacks and notify admins of any data breach instantly.

3. Mobile is the New Target :-

Cybersecurity trends provide a considerable increase (50 percent) for mobile banking malware or attacks in 2019,
making our handheld devices a potential prospect for hackers. All our photos, financial transactions, emails, and
messages possess more threats to individuals. Smartphone viruses or malware may capture the attention of
cybersecurity trends in 2023.

4. Cloud is Also Potentially Vulnerable :-

With more and more organizations now established on clouds, security measures need to be continuously
monitored and updated to safeguard the data from leaks. Although cloud applications such as Google or Microsoft
are well equipped with security from their end still, it's the user end that acts as a significant source for erroneous
errors, malicious software, and phishing attacks.

5. Data Breaches: Prime Target :-

Data will continue to be a leading concern for organizations around the world. Whether it be for an individual or
organization, safeguarding digital data is the primary goal now. Any minor flaw or bug in your system browser
or software is a potential vulnerability for hackers to access personal information. New strict measures General
Data Protection Regulation (GDPR) was enforced from May 25th, 2018 onwards, offering data protection and
privacy for individuals in the European Union(EU). Similarly, the California Consumer Privacy Act (CCPA) was
applied after January 1st, 2020, for safeguarding consumer rights in the California area.
 17

6. IoT With 5G Network: The New Era of Technology and Risks :-

With the advent and growth of 5G networks, a new era of inter-connectivity will become a reality with the Internet
of Things (IoT). Read about What Is the Internet of Things (IoT) and Why It Matters? This communication
between multiple devices also opens them to vulnerabilities from outside influence, attacks or an unknown
software bug. Even the world's most used browser supported by Google, Chrome was found to have serious bugs.
5G architecture is comparatively new in the industry and requires a lot of research to find loopholes to make the
system secure from external attack. Every step of the 5G network might bring a plethora of network attacks that
we might not be aware of. Here manufacturers need to be very strict in building sophisticated 5G hardware and
software to control data breaches.

7. Automation and Integration :-

With the size of data multiplying every day, it is eminent that automation is integrated to give more sophisticated
control over the information. Modern hectic work demand also pressurizes professionals and engineers to deliver
quick and proficient solutions, making automation more valuable than ever. Security measurements are
incorporated during the agile process to build more secure software in every aspect. Large and complex web
applications are further hard to safeguard making automation as well as cyber security to be a key concept of the
software development process.

8. Targeted Ransomware :-

Another important cybersecurity trend that we can't seem to ignore is targeted ransomware. Especially in the
developed nations' industries rely heavily on specific software to run their daily activities. These ransomware
targets are more focussed such as the Wanna Cry attack on the National Health Service hospitals in England
Scotland corrupted more than 70,000 medical devices. Though generally, ransomware asks to threaten to publish
the victim's data unless a ransom is paid still it can affect the large organization or in case of nations too.
 18

9. State-Sponsored Cyber Warfare :-

There won't be any stoppage between the western and eastern powers in attempts to find superiority. The tension
between the US and Iran or Chinese hackers often creates worldwide news though the attacks are few; they have
a significant impact on an event such as elections. And with more than 70 elections bound to be held this year,
criminal activities during this time will surge. Expect high-profile data breaches, political and industrial secrets
to top cybersecurity trends for 2023.

10. Insider Threats :-

Human error is still one of the primary reasons for the data breach. Any bad day or intentional loophole can bring
down a whole organization with millions of stolen data. Report by Verizon in data breach gives strategic insights
on cybersecurity trends that 34 percent of total attacks were directly or indirectly made by the employees. So
make sure you create more awareness within premises to safeguard data in every way possible.

11. Remote Working Cybersecurity :-

The pandemic has forced many companies to move to remote working, introducing a new set of cybersecurity
challenges. Remote workers may be more vulnerable to cyberattacks as they often have less secure networks and
devices. As such, organizations must ensure adequate security measures to protect their remote workers, such as
multi-factor authentication, secure VPNs, and automated patching.

12. Social Engineering Attacks :-

Social engineering attacks are on the rise, as attackers use techniques such as phishing, spear phishing, and
identity theft to gain access to sensitive data. Organizations must ensure that their employees are trained to
recognize and report any suspicious activity and have measures in place to protect against these types of attacks.
 19

13. Multi-Factor Authentication :-

Multi-factor authentication (MFA) is a security measure that requires users to provide more than one form of
authentication before they can access an account. This additional layer of security helps to protect against
cyberattacks, as attackers must have access to multiple pieces of information in order to gain access. Organizations
should ensure that all accounts are secured with MFA to reduce the risk of unauthorized access. Automation is
becoming increasingly important in cybersecurity. Automated security processes can help reduce the time it takes
to detect and respond to threats and improve the accuracy of threat detection. Automation can also reduce the
reliance on manual processes, which can be time-consuming and prone to human error.

14. International State-Sponsored Attackers :-

State-sponsored attackers have become increasingly sophisticated, and organizations need to be aware that these
types of attackers may target them. They must ensure adequate security measures to protect against these types
of attacks, such as multi-factor authentication and real-time monitoring.

15. Identity and Access Management :-

Identity and access management (IAM) is a security measure that helps organizations control and monitor who
has access to sensitive data and networks. They should ensure adequate IAM measures, such as user
authentication, authorization policies, and access control lists.

16. Real-Time Data Monitoring :-

Real-time data monitoring is an important security measure that helps organizations detect and respond to any
suspicious activity. They should ensure that they have adequate measures in place to monitor all data activity,
such as automated alerts and log monitoring.
 20

17. Automotive Hacking :-

As cars become increasingly connected to the internet, they are also becoming vulnerable to cyberattacks.
Organizations should ensure adequate security measures to protect connected vehicles, such as encryption,
authentication, and real-time monitoring.

18. AI Potential: :-

Artificial intelligence (AI) has the potential to revolutionize the security landscape. AI can help detect and respond
to cyberattacks in real time, as well as automate mundane security tasks. Organizations should ensure that they
have adequate security measures in place to protect against any potential AI-related threats.

19. Improved Security for IoT Devices :-

Internet of Things (IoT) devices are becoming increasingly popular and are expected to become even more
popular in the coming years. As more devices become connected, the need for improved security for these devices
will become increasingly important. Organizations should ensure that the security of their IoT devices is up to
date, as well as ensure that their data and applications remain secure.

20. Cloud Also Vulnerable :-

Cloud computing provides many benefits but introduces new security risks. Organizations should ensure adequate
security measures to protect cloud-based data and networks, such as encryption, authentication, and regular
patching. As more companies move their data and applications to the cloud, the need for cloud security solutions
that can protect these assets will increase. Cloud security solutions are designed to protect data stored in the cloud
from unauthorized access, as well as protect against data breaches and other cyber threats.
 21

CHALLENGES AND THREATS

Cybercrimes have increased frequently over the past several years to the point where it is thought that they
are one of the most significant hazards to the financial sector. Hackers have improved their technology and
expertise, making it difficult for any banking sector to thwart the attack consistently. The following are some
dangers to banks' cybersecurity:

1. Phishing Attacks :-

One of the most frequent problems with cybersecurity in the banking sector is
phishing assaults. They can be used to enter a financial institution's network and conduct a more severe attack
like APT, which can have a disastrous effect on those organizations (Advanced Persistent Threat In an APT,
a user who is not permitted can access the system and use it while going unnoticed for a long time. Significant
financial, data and reputational losses may result from this. According to the survey phishing assaults on
financial institutions peaked in the first quarter of 2021.
 22

Almost half of all phishing attacks in 2019 occurred in the finance sector

2. Trojans :-
The term "Trojan" is used to designate several dangerous tactics hackers use to cheat their way
into secure data. Until it is installed on a computer, a Banker Trojan looks like trustworthy software. However,
it is a malicious computer application created to access private data processed or kept by online banking
systems. This kind of computer program has a backdoor that enables access to a computer from the outside.

Around the globe, there were roughly 54,000 installation packages for mobile banking trojans in the first
quarter of 2022. There has been an increase of more than 53% compared to last year's quarter. After declining
for the first three quarters of 2021, the number of trojan packages targeting mobile banking increased in the
fourth quarter.

3.Ransomware :-
 23

A cyber threat known as ransomware encrypts important data and prevents owners
from accessing it until they pay a high cost or ransom. Since 90% of banking institutions have faced
ransomware in the past year, it poses a severe threat to them.

In addition to posing a threat to financial cybersecurity, ransomware also affects cryptocurrency. Due to their
decentralized structure, cryptocurrencies allow fraudsters to break into trading systems and steal money.
 24

4. Spoofing :-

Hackers use a clone site in this type of cyberattack. By posing as a financial website, they;

 Design a layout that resembles the original one in both appearance and functionality.
 Establish a domain with a modest modification in spelling or domain extension.
The user can access this duplicate website via a third-party messaging service, such as text or email. Hackers
can access a user's login information when the person is not paying attention. Seamless multi-factor
authentication can solve a lot of these issues.

The Reserve Bank of India (RBI) reported bank frauds of 604 billion Indian rupees in 2022. From more than
1.3 trillion rupees in 2021, this was a decline.
 25

5. Data Manipulation:-

A widespread misunderstanding about cyber attacks is that they are only worried about data stealing. This is not
always the case, however, as data manipulation attacks have gradually become a more common means of attack
for hackers. Data manipulation attacks take place when a dangerous actor gains entry to an objective system and
creates unnoticed changes to data for their own individual gain. An example of this is if a worker modifies
customer information data. This will likely go undetected as the transactions will appear genuine, leading to errors
in how future data is stored. The longer the manipulation goes unnoticed, the more destruction it will cause.

6.Remote Work :-

Since the onset of COVID-19, remote work is no longer the exception but the default approach to getting work
done. While many financial institutions moved to remote work arrangements out of necessity, employees continue
to stay home out of preference.

Remote work in the banking sector does require diligence when it comes to cybersecurity. People working from
home, coffee shops or elsewhere lack the protection of an office’s physical cybersecurity defenses and this can
complicate the ability for IT to keep internal software safe, and customer sensitive data out of malicious hands.

The cybersecurity challenge here is best handled by proactively educating employees on what to look for and how
to stay safe while in the remote work environment. This will help prevent the possibility of data breaches and lead
to a more productive workforce.

Software Supply Chain Cyber Attacks :-

 26

A popular method of malware distribution is to target a software vendor and then use their distribution channels to
deliver malicious code to customers. This attack propagates through the supply chain in the form of products or
updates that appear to be legitimate. While these attacks may involve third party services, it’s not uncommon for an
attacker to embed their malicious code in illegitimate updates from the primary vendor. These attacks compromise
the distribution systems and enable attackers to enter the supplier’s networks and persist over the systems for a
significant length of time.

Supply chain attacks are best prevented through being proactive in vulnerability scanning and educating customers
on how cyber attackers may gain access to their personal information through updates.

8. Social Engineering :-

Phishing goes hand-in-hand with social engineering but they could have different objectives and social engineering
can also involve whaling attacks. Customers and employees are often the most vulnerable link in the security chain,
they can be tricked into giving over sensitive details and credentials.

Social engineering takes many forms, it might be through phishing or whaling attacks or it could be by sending
bogus invoices that purport to be from a trusted source. It’s important to keep your employees informed about social
engineering tactics and how these threats continue to evolve.

9.Cloud-based Cybersecurity Threat :-

As more software systems and data are stored and enabled in the cloud, attackers have leveraged cloud-based attacks
to capture sensitive information have seized upon this and there’s been an increase in cloud-based attacks. Banks
need to ensure that the cloud infrastructure is configured securely to protect from harmful breaches.

10.Customer Behaviors :-
 27

Customer behavior can put data at risk just as much as employee behavior can. In some cases the consequences for
poor security practices from digital banking customers can compromise their information in seconds. Everything
from reusing passwords to opening suspicious emails can quickly result in losing sensitive financial data.

There are a few ways digital banking organizations can prevent breaches due to customer errors. Using well-
designed mobile apps with a streamlined user experience and built-in security functions can help mitigate some of
the risk. A discerning user might utilize the fingerprint scanner on their phone or another multi factor authentication
method to access their account instead.

11. Unencrypted data :-

Along with unprotected mobile applications, unencrypted data is a massive threat to financial institutions of all sizes.
Should hackers seize your unencrypted data, they can use it right away, which will create serious problems for your
organization. All data should be encrypted; even if would-be thieves stole it, they would face the hurdle of
attempting to unencrypt it.

12. Fraud And Identity Theft :-

Fraud and identity theft has always been around. And while these attacks aren’t new to financial institutions, they’re
evolving through more digital channels. Now fraud and identity theft can be conducted through other cyber attack
channels, and digital tactics may make it more difficult to detect.

Digital banking organizations must implement cybersecurity strategies that actively search for suspicious account
activity to fight these attacks on the virtual front. This is one of the surest ways to catch fraud attempts.
28
 29

CYBER SECURITY FRAMEWORK

Cybersecurity frameworks are a set of guidelines or best practices to help organizations improve
their cybersecurity posture and meet regulatory compliance requirements. Sometimes they are aligned with a
specific regulation to help businesses attain the required level of cybersecurity proficiency. Although they are
typically not laws and, therefore, not mandatory, the government may strongly recommend one or more
frameworks to follow because they may be mapped closely to a regulation.

In many cases, organizations can use one or more cybersecurity frameworks to meet those regulations. Whether
or not a framework has a specific regulation in mind, organizations can use them so they don’t have to design
cybersecurity programs from scratch.

Some of the most popular cybersecurity frameworks are the following:

 NIST Cybersecurity Framework (NIST CSF)

 Higher Education Community Vendor Assessment Tool (HECVAT)
 ISO/IEC 27001
 Control Objectives for Information Technology (COBIT)
 30

1. NIST Cybersecurity Framework (NIST CSF) :-

The NIST Cybersecurity Framework was developed by NIST, the US Department of Commerce’s National
Institute of Standards and Technology, which supports US innovation through industrial competitiveness via
several strategies, including developing measurable cybersecurity standards to protect critical infrastructure and
enhance information security and data protection activities.

NIST CSF is a popular cybersecurity framework containing a set of standards, guidelines, and best practices to
help businesses get their basic cybersecurity processes up to speed and have a baseline to develop their IT
infrastructure. NIST frequently updates the framework, keeping it relevant as the number of cyber attacks and
types of cybersecurity threats evolve.

The NIST framework is not industry-specific and can be implemented by companies in all industries. The main
focus of the NIST CSF is that it is completely performance and outcome-based and does not provide a specific
checklist of actions to take. It focuses on specific goals for organizations to accomplish and allows them to tailor
the framework and customize it to their needs.

The five main pillars of the NIST CSF are:

1. Identify
2. Protect
3. Detect
4. Respond
5. Recover
6. The framework can be used by both small firms with no existing cybersecurity programs and enterprise-
level businesses with extensive information security management systems. At any stage of an
organization’s cybersecurity maturity, NIST can enhance its internal policy to meet regulatory
requirements and industry standards. Many large, global organizations use NIST CSF in their security
programs, including major corporations like Microsoft, JP Morgan & Chase, and Intel.
7. Another advantage of this framework is that it fosters communication about risk management, cyber
awareness, and incident response, both internally and externally. It encourages communication between
executive leadership, business partners, suppliers, stakeholders, and employees. Furthermore, some firms
 31

may need to use this framework to meet the needs of their customers or organizations within their supply
chain.

:Key Benefit

 Scalable
 Flexible
 Comprehensive

2. Center for Internet Security (CIS) Critical Security Controls :-

CIS is a nonprofit organization that aims to make the Internet safer for people, businesses, and governments. They
developed the CIS Critical Security Controls and CIS Benchmarks, which provide best practices for IT system
security and data protection.

CIS Benchmarks focuses on securing the configuration of operating systems, software, middleware, and network
devices, which is referenced throughout CIS Controls.
 32

CIS Controls, also known as CIS Critical Security Controls, are recommendations of actions organizations can
take to prevent the most common cybersecurity incidents. The recommendations were developed through a
collaboration of government agencies, companies, and individual expert volunteers, including auditors,
policymakers, solution providers, and cyber analysts.

The primary advantage of using CIS Controls is that it provides a list of 18 high-priority and highly-effective
recommendations that organizations can use to get a security program off the ground and protect sensitive data
quickly.

It may not be as comprehensive or robust as other frameworks, but it provides effective control baselines for
organizations that need to rapidly improve how they protect sensitive information from cybercriminals and other
security risks.

The controls are updated frequently via discussion within the CIS community, which comprises a wide range of
useful disciplines across various industries, government, and academia. This ensures the controls are focused on
the most effective defenses against the most common cyber attacks and risks.

The CIS Controls can also map to most major compliance frameworks, including NIST CSF and the ISO 27000
series, as well as specific regulations, including PCI DSS and HIPAA.

Key Benefits

 Fast payoff
 Highly-effective
 Current

3. ISO 27001/27002 :-

ISO is the International Organization for Standardization, while IEC refers to the International Electrotechnical
Commission. The ISO 27000 series are internationally recognized and the global standard for information
security management. The ISO/IEC 27000 family comprises more than a dozen sets of cybersecurity standards
for information security management systems (ISMS).
 33

ISO 27001

ISO 27001 is the primary component of the ISO 27000 series, each concerning an aspect of information security
management. This part of the series could be described as an overview of the implementation requirements for
an ISMS, listing primary security controls.

This cybersecurity framework is ideal for organizations that cannot yet commit to a full-scale implementation but
want to start an information security project. It provides a framework to help organizations achieve the following
outcomes with respect to improving information security:

 Creating a project team

 Gap analysis
 Understanding the scale or scope of the ISMS
 Policy development
 Conducting risk assessments
 Applying relevant controls
 Preparation of risk documentation

 Cybersecurity training for staff

 Internal auditing and review
 Certification

Organizations can achieve an ISO 27001 certification if they choose or are required to do so, demonstrating that
they have taken the necessary actions to create an ISMS.

ISO 27002

ISO 27001 is supplementary to ISO 27001. It expands on each of the information security controls listed in ISO
27001, explaining how each control works, its goals, and how organizations can implement them. It provides best
practice recommendations for those responsible for initiating, implementing, or maintaining an ISMS, with in-
depth chapters on compliance with legal requirements, access control, authentication, and supplier relationships
to help manage risk from third-party service providers.
 34

A major benefit of using ISO 27002 is that it is a well-respected international standard. It is also comprehensive
enough to cover most information security controls most organizations would use. Furthermore, it can be used to
avoid coverage gaps and ensure that an organization has safeguards in place for all areas.

Key Benefits

 Internationally-recognized
 Flexible, providing a good starting point but facilitating profundity when required
 Certification to ISO 27001 is possible to demonstrate commitment to information security

4. Cybersecurity Capability Maturity Model (C2M2) :-

Created in 2012, C2M2 was originally part of the US Department of Energy and cybersecurity experts’ response
to a White House initiative to assess the energy industry’s security posture.

However, today, the framework helps organizations of all sizes and types, and especially financial institutions,
evaluate their cybersecurity postures and maturity to optimize investments in cyber defense systems and
procedures, focusing on solutions relating to information technology and operations technology.

Cyber maturity is measured by how prepared an organization is in its current state to defend against cyber threats.
Over time, organizations can only achieve full maturity when they can consistently improve year over year on
their security programs and have a clear understanding of industry compliance and cybersecurity performance.

C2M2 comprises 350 recommended cybersecurity practices in the following ten categories:

1. Asset - Asset, Change, and Configuration Management

2. Threat - Threat and Vulnerability Management
3. Risk - Risk Management
4. Access - Identity and Access Management
5. Situation - Situational Awareness
6. Response - Event and Incident Response, Continuity of Operations
7. Third Parties - Third-Party Risk Management (TRPM)
8. Workforce - Workforce Management
 35

9. Architecture - Cybersecurity Architecture

10. Program - Cybersecurity Program Management

Each practice recommendation within the ten domains includes a brief description of the cybersecurity activity
and the objectives that can be achieved through its implementation. C2M2 can also be mapped to NIST CSF
controls to measure the organization’s maturity level.

One of the advantages of C2M2 tools over other frameworks is that a user can complete a self-evaluation tool in
a single day. In turn, firms can quickly understand their cybersecurity risk and what kind of controls they should
implement to defend against data breaches and other cyber threats.

Organizations that choose this cybersecurity framework also benefit from its ability to measure their cybersecurity
maturity in relation to each cybersecurity recommendation, define their target maturity levels, and prioritize the
actions that will achieve these objectives most quickly and effectively. Organizations can consider whether each
practice has been initiated, performed, or managed.

Key Benefits

 Quick self-evaluation
 Organizations can consistently measure their cybersecurity maturity level for individual cybersecurity
practices

5. The Open Web Application Security Project (OWASP) :-

OWASP is a nonprofit foundation aiming to strengthen software security by providing tools, resources, and
networking opportunities for developers. It is focused on community and information-sharing through activities
like open-source software projects and webinars to raise application security awareness and remediate
software vulnerabilities.

The security of web applications varies, which can pose significant problems for organizations adopting or
considering using software in the daily course of business. The OWASP Application Security Verification
Standard (ASVS) cybersecurity framework facilitates the testing of web application technical security controls
and standardizes web application security.

The standard is open and functional for commercial enterprises. Organizations can use them to verify the
functionality of security controls against such threats as SQL Injection and Cross-Site Scripting (XSS).
 36

Financial organizations can use the standards for the following activities:

 To aid procurement activities - Organizations can specify measurable application security requirements
in their contracts.
 As a metric - Application owners and developers can use standardized web application security measures
to consider the security of their web applications.
 As guidance - ASVS can help make minimum levels of web application security clear to those responsible
for developing security controls.

Each requirement in ASVS is categorized by version, chapter, section, and requirement to help users perform a
comprehensive and systematic verification of web application security.

By the end of the process, organizations should appreciate the security level of their authentication, access
controls, and session management and identify software vulnerabilities affecting them.

Key Benefits

 Focus on web applications

 Community focus encourages information sharing and adaptation to emerging threats
 37

METHODS TO MAKE BANKING AND FINANCIAL SECTOR CYBER SECURE

The number one goal of cyber security in banking is to safeguard a customer’s assets and data. With that in mind,
let’s take a closer look at some of the ways banking institutions can become more cyber secure:

1.Combined security :-

Banks are now moving towards a combined and united security model where all elements work and connect in a
more advantageous way to protect both the bank and customer’s assets.

2.Multi-factor authentication :-

Multi-factor authentification adds an extra layer of security by requiring two or more methods of authenticating
the user. This can include emails or text messages providing security codes, fingerprints, or facial recognition.

3.Cyber insurance :-

Cyber insurance (cyber risk insurance or cyber liability insurance) covers the losses related to damage or loss of
information from IT systems and networks. There are many different types of policies, but the main ones
cover loss and damage caused by data breaches or malicious cyberattacks. Cyber insurance provides key support
to help businesses stay afloat.

4.Consumer awareness :-

Educating the consumer on the risks, what to look out for and to be vigilant is an important part of protecting
assets. By highlighting the risks of fake emails, malicious attachments, and links, and to not reveal credentials,
will add an extra layer of security to any business.

5.Integrated Security :-
 38

As BFSI[1] is highly regulated, banks invest time, money, and effort in employing the best technology which may
be sometimes difficult to manage together. Moving towards integrated security where all components work and
communicate together is more beneficial.

6.Machine Learning and big data analytics :-

Analytics is an essential element in leveraging cyber resilience. A new generation of security analytics has come
out which can store and assess a huge number of security data in real-time.

7.Understand the importance of security :-

The mindset where security is seen as a cost must make way for security as a plus. The risk of security threats
and its impact must be analyzed then only the importance of security can be truly understood.

8.Invest in Next-generation endpoint protection :-

Banks and institutions must invest in technologies that can recognize and eliminate the practices and actions used
in exploits.

9.Anti-virus and Anti-malware applications:-

A firewall may increase protection, but it won’t stop attack unless updated anti-virus and anti-malware
applications are used. Updating to the latest application can deter potentially disastrous attacks on your system.
 39

EXAMPLE OF RECENT CYBER CRIME

1. Cosmos Bank Cyber Attack In Pune :-

Cosmos Bank in Pune was the target of a recent cyber-attack in India in 2018, when hackers stole Rs. 94.42 crores
from Cosmos Cooperative Bank Ltd situated in Pune, it rattled the entire banking industry in India. Hackers
gained access to the bank's ATM server and stole the personal information of rupee debit cardholders and visas
in large number. Money was wiped out, and hacker gangs from as many as 28 nations withdrew the funds as soon
as they were notified.[19] It can be avoided by hardening surveillance measures and assisting approved
individuals.

2, ATM System Hacked :-

The ATM servers of Canara Bank was targeted in 2018 for cyber-attack. Twenty lakh rupees were cleared from
numerous bank accounts. According to sources, cyber criminals had access to ATM information for more than
300 users, resulting in a overall 50 victims. Hackers used skimming machines to capture information from debit
cardholders. Transactions involving stolen information varied in amount from Rs. 10,000 to Rs. 40,000. [20] It
can be avoided if the protection mechanisms in ATMs can be improved to avoid data misuse.

3. RBI Phishing Scam :-

The Reserve Bank of India was not spared by the fraudsters in a bold phishing attempt of its kind. The phishing
email, which purported to come from the RBI, promised the recipient prize money of Rs.10 lakhs within 48
hours[21] if they clicked on a connection that took them to a website that looked exactly like the RBI's official
website, complete with the same logo and web address. After that, the user is asked to disclose personal details
such as his password, I-pin, and savings account number. The RBI, on the other hand, issued an alert about the
fake phishing e-mail on its official website
 40

CONCLUSION

Every organization is concerned about cyber security. It is crucial for banks to have the proper cyber security
solutions and procedures in place, especially for institutions that store a lot of personal data and transaction
lists. Banking cyber security is an issue that cannot be bargained with. Hackers are more likely to target the
banking sector as digitalization advances.

KnowledgeHut is a platform that provides hundreds of courses in Data Science, Machine Learning, DevOps,
Cybersecurity, Full Stack Development, and People and Process Certifications. With KnowledgeHut top
Cybersecurity certifications, you can increase your knowledge about cybersecurity in the banking industry
and get the proper training.

Cybersecurity in digital banking is something that cannot be compromised with. With the growth in the
digitalization in the banking industry, it has become more prone to attacks from cybercriminals. Therefore there
needs to be a foolproof Cybersecurity that doesn’t compromise with the safety of customer’s and financial
institution’s data and money.

In conclusion ,cyber threats are a significant risk for the banking and finance industry. Banks and financial
institutions must take proactive steps to protect their systems and data from these threats . This includes
implementing strong cyber security measures, regularly auditing their systems , and having a comprehensive
incident response plan in place . By taking these steps , banks and financial instituations can minimize the risk
of cyber attacks and protect their customers sensitive information
 41

BIBLIOGRAPHY

1. https://sprinto.com

2. https://www.simplilearn.com

3. https://www.guardrails.io

4. https://www.upguard.com

5. https://techmonitor.ai

6. https://www.sangfor.com

7. https://www.fortinet.com

8. https://enterslice.com