What's New :
Mains PYQ Practice Programme. Visit Here
19th January 2023 (7 Topics)

Central Govt discusses cyber security measures in financial services sector

Context

The Department of Financial Services (DFS) has organised a half-day Conference on cyber security titled ‘Financial Services Cyber Security (FINSCY)’ in New Delhi.

About the Conference:

  • The event provided an opportunity to share their ideas, practices, and concerns on cyber security measures currently in place in the financial services sector.
  • The experts also discussed the readiness of the sector for future cyber threats and also perspectives on the revised draft Digital Personal Data Protection Bill.
  • Participants: The senior officers from government agencies and departments, and financial services sector regulators, as also senior executives and chief information security officers (CISOs) of banks, insurance companies, and financial institutes (FIs).
Department of Financial Service (DFS):
  • The mandate of the Department of Financial Services covers the functioning of Banks, Financial Institutions, Insurance Companies and the National Pension System.
  • The finance field includes three main subcategories: personal finance, corporate finance, and public (government) finance.
  • Consumers and businesses use financial services to acquire financial goods and achieve financial goals.

Issues of Cyber security in the financial sector:

  • Cyber security refers to the organization of technologies, procedures, and methods designed to prevent networks, devices, programs, and data from attack, damage, malware, viruses, hacking, data thefts or unauthorized access.
  • The main objective of Cyber security in financial services is to safeguard the user’s assets. As individuals go cashless, further actions or transactions are done online.
  • Individuals use their digital money like debit cards and credit cards for transactions that require to be safeguarded under Cyber security.

Major Cyber Security Threats Faced in the financial sector:

  • Phishing: Phishing means to get confidential, classified data such as credit, and debit card details etc. for malicious actions by hiding as a reliable person in electronic interaction. Online banking phishing scams have advanced constantly. They seem real and genuine, but they trick you into providing away your access data.
  • Malware: End-to-end customer appliances like computers and mobile devices are largely used for performing digital transactions therefore, they should be secured.
  • If it is associated with malware, then it may cause a severe risk to the bank’s cyber security whenever they link up with your network. Confidential data goes through this network, and if the user device has malware fitted in it, with no security that malware can create a serious danger to the bank’s network.
  • Unencrypted Data: It is one of the most frequent threats encountered by banks where the data is left unencrypted, and cyber attackers or hackers manipulate the data right away, thus creating serious issues for the banks.
  • All information that is kept on computers in banks or online should be fully encrypted. It will guarantee that even if the data is robbed, hackers may not be able to utilize them.
  • Spoofing: This is one of the latest forms of cyber threats faced by financial institutions. The hackers will pose as a bank website’s URL with a website that is related to the original one and works the same way and when the customer enters his or her login records the login credentials are robbed by these hackers and they use it later.
  • Data Manipulation: Data manipulation attacks take place when a dangerous actor gains entry to an objective system and creates unnoticed changes to data for their own individual gain. An example of this is if a worker modifies customer information data. This will likely go undetected as the transactions will appear genuine, leading to errors in how future data is stored. The longer the manipulation goes unnoticed, the more destruction it will cause.

Suggestive measures:

  • Multi-factor authentication: Multi-factor authentication (MFA) is a verification technique in which access is only given once a customer gives two or more login credentials. Login credentials can consist of passwords, opts, or fingerprints.
  • When establishing MFA, make sure that login credentials do not come from a similar resource (two passwords) as this will diminish security. MFA is a need for banks as it includes an extra layer of security when trying to access important information.
  • Consumer Awareness: It is one of the key aspects where the user has to be made aware of not revealing their user credentials to anyone.

Verifying, please be patient.

Enquire Now