OPINION: A lack of diligence among digital users is a critical risk for organizations. Given that, how should banks develop their now essential cybersecurity strategy?
One aspect that calls for specific attention in the field of cyber threats, is how to turn digital users into “diligent users”.
Without a doubt, this condition can end up being decisive for any effort, in the public or private sector, to prevent these types of risks. You could say, the lack of diligence can become a critical risk for organizations.
Digital illiteracy – and what it means for security
Some time ago, there was a discussion among experts about the risks that would come with the Internet of Things, and the related emerging threats.
In the end, the only consensus came in defining that a sizeable proportion of users suffer from condition called “digital illiteracy” when it comes to the area of security.
Indeed, one of the main challenges in our field comes from the speed of technological change, with new threats appearing faster than they can be addressed through educating and training these users.
And of course, we cannot ignore the fact that the condition that we call illiteracy in digital security is well known by malicious actors. That explains why today, in 2019, one of the main avenues of digital fraud comes from social engineering and Phishing, both phenomena from the 1990s that remain among the main cyberthreats globally.
A clear example of the gap between diligent users and security mechanisms lies the proportion of personal mobile devices that have antivirus protection installed – despite the fact that users increasingly prefer to surf the internet on their mobile phones, without regard to the fact that it could be a way in for a “technological Trojan”.
You might also like: Cybersecurity teams confront fresh risks amid bank transformation
When we talk about how we should address these types of risks, we can summarize it in four parts: prevention, detection, response and recovery.
In the same way, when we address each of those fronts, we should have a further four factors in mind. These – people, information, processes and technology – operate in a synchronized way. All of this is part of a solid risk management policy.
In the same way, when defining a strategy to prevent cyberattacks, it is important that companies and corporations have an up-to-date methodology that allows them to evaluate risks, define action plans, and monitor their implementation.
Internal control activities are also important, to verify that the mechanisms that have been implemented fully cover the policy, across the chain from prevention through to recovery.
All this requires certain conditions for successful management, with the main variables as follows:
- At the company level, strengthen the institutional culture in security across the organization
- Education and training as the main stage of prevention
- Specialized technology, methodology and talent for managing and responding to crises.
- Strategic communication, both external and internal
- Synergy with the broader cyberthreat prevention ecosystem, which as local, regional and global reach
As a final note, keep in mind that the area of cyberthreats requires us to permanently review our strategies, given that the sector changes with technological advances and user preferences.
José Marangunich is head of the Corporate Security Division at Banco de Crédito del Perú, and President of the Strategic Committee for Security at the Peruvian Banking Association.
Neobanks, SME banking and API fintechs are key areas for LatAm fintech growth
About 20%–30% of the COVID-related surge in e-commerce will be permanent
Digital Intelligence Index highlights the value of digitalization and trust in securing economic resilience and prosperity
In 2020, we digitalized. 2021 offers more time to be at home with the family, a rise of contactless technologies, and a more conservative mindset toward personal finances.
Banks that can deliver highly personalized customer experiences will most grow their market share, writes Enrique Ramos O’Reilly
OPINION: Customer centricity is key for growth amid uncertainty, writes Andrea Padilla
- Life post-COVID-19 and the future of payments in Latin America and the Caribbean: Are we reaching the end of cash?
- Blockchain adoption in Brazil: Early days
- Brazil’s financial cybersecurity challenges
- Mexico will lose economic force without more fintechs
- Fintech Snapshot January 2020: Loft, AlphaCredit and Olivia
- LatAm Fintech Snapshot – February 2019