Dealing with the dark side of rapid digitisation in Financial Services. (image credit: Techcentral)
Across the African continent, organisations offering banking, lending, insurance, trading, and payments services are seeing the opportunities for technology to increase levels of financial inclusion, and delight customers with superior experiences.
In fact, due to vast geographies and generally poor branch-based infrastructure, many African countries are ideally placed to embrace new digital (and particularly mobile) financial services tools. A recent McKinsey paper pegged mobile payment penetration in Kenya at a staggering 86 percent of households, for example.
Closer to home, South Africa’s major banks, insurers and wealth professionals are embroiled in a fast-paced competition to provide the broadest array of financial services on smartphones and tablets. This year, the first bricks-and-mortar banking branches started to close, with more on the cards over the coming years.
And the digital journey is only just getting started. However, the side effect of embracing technology in financial services is that the cybercrime threat landscape is becoming ever-more complex and dangerous. Banks, commerce portals and payment services are the main targets of attack in the new era of sophisticated cybercrime. Today, attacks can happen in a matter of minutes or seconds, and with devastating consequences.
PWC’s Global Economic Crime Survey of 2016 succinctly describes this ‘digital paradox’: “Organisations today are able to cover more ground, more quickly, than ever before – thanks to new digital connections, tools and platforms which can connect them in real time with customers, suppliers, and partners. Yet at the same time cybercrime has become a powerful countervailing force that’s limiting that potential”.
The most common forms of attacks in this evolving threat landscape – malware/crimeware, web application attacks, point of sale attacks, insider compromises, and distributed denial-of-service attempts – pose massive financial and reputational risk to organisations.
Social engineering is also evolving – from the badly-written faux bank emails we previously viewed with chagrin, to sophisticated multi-phase efforts at collecting different data sets to commit digital identity fraud. Financial services providers across Africa, like the rest of the world, have the two-fold responsibility of ensuring their technical security measures outpace cyber-criminals, as well as educating their staff and customers on the latest social engineering techniques.
Dealing with this requires financial services organisations remain continually alert to attacks, and conduct regular threat assessments. The highly-coordinated nature of modern cybercrime requires an equally well connected overall information security strategy – which offers real-time identification analysis and organisation-wide protection from threats.
Looking slightly further ahead, in the next phase of our digital economy, APIs and integrated systems will connect various financial services players, to provide the optimal customer experiences. Loosely termed ‘FinTech, this era will see traditional financial players partnering with providers of mobile wallets, new payment solutions, cryptocurrencies, social lending, crowdfunding services, and personal financial management tools, among others.
Effectively and securely connecting with these various players will further complicate the threat landscape. An organisation’s security posture must enable new business opportunities within digital ecosystems, while simultaneously addressing all of the security, privacy, regulatory compliance, and governance requirements.
By partnering with leading security experts, deploying the right technologies, and taking a cohesive, enterprise wide view of security, it becomes possible to detect and prevent malware, phishing and other attacks in real-time – effectively securing digital customers across all channels, and dramatically reducing the risks of online identity theft.
As Neill Burton, VP Channels and Alliances UKISSA at F5 Networks states: “F5 are witnessing a significant increase in organised cybercrime within the financial industry, with such activity driving adoption of our anti-fraud solutions in addition to more traditional network and application protection offerings. Having a capable organisation such as Networks Unlimited driving awareness in this area in the African markets is a welcome ally in this war on crime.”
By: Anton Jacobsz, MD at Networks Unlimited