IBM Security leader talks political impact on Fintech
As a partner director within IBM Security Services, Cory Hamilton oversees IBM’s global financial services sector. That task includes overseeing the state of cybersecurity within banks, financial markets and insurance companies. His day-to-day role involves working with the C-suite of the global 2000 to enable their digital transformations through security programmes, enhancements, advancing their maturity, deployment of software technology and providing overall consulting services. Hamilton also has an internal role that sees him lead global practice within IBM.
How is the current political instability globally affecting cybersecurity and the rate of attacks in relation to FinTech?
You can’t ignore the geopolitical climate of the Russian war in Ukraine. We’ve certainly seen various attacks within the financial space as well as within the government. Within Ukraine and Russia, certainly banks have been impacted on both sides or within both countries. We’ve actually seen some of the largest distributed denial of service attacks ever reported due to this kind of political instability.
We have not observed widespread retaliatory attacks against the West or the Western financial banking system due to the wars. But we have certainly seen an uptick in general organised crime.
The onslaught of attacks is no longer immature people in basements. These are highly functional organisations that are focused on organised criminal activities within the cyber realm.
There is also the political climate of inflation as a result of the COVID-19 era. The political instability, as well as just the global economic landscape we’re in, has certainly been a ripe environment for more impactful breaches, by an increase in the amount of breaches that we’re seeing.
The fintech and banking industry has become far more interconnected over the past two years. What’s your take on open banking and embedded finance in terms of the levels of vulnerability to cyber attacks? Have these innovations made things easier for cyber criminals?
In terms of open banking and embedded finance, organisations are implementing those largely driven by customer demand. Increasing the availability and the ease of processing transactions is an opportunity for organisations to grow market share and to better serve their customer.
It has certainly been a challenge when it comes to securing that for a couple of reasons. One, through open banking, when you open up through the use of APIs, customer data and potential processing data, there is a risk that as it becomes more open, you are by nature giving others access that traditionally would not have that. The fintech space, through open banking, was pushed down through regulations. Many fintech providers are not regulated or certainly not regulated to the same level that traditional banking organisations are.
Essentially, you’ve got startup organisations that really grow from nothing within a matter of weeks. And they’re successful because they’ve got a new tool, a new process, something that’s very quick and easy – and can enable that customer journey. They’re concentrating on speed to market and the ease of the solution.
Well, if you’ve got speed and you’ve got ease that doesn’t necessarily make it the most secure thing. And typically, these organisations, fintech providers, are providing applications, are providing software, but they’re not security companies.
You can either have it [success] very quickly, but ease of use and security might be lacking. It’s a delicate balance that we’re seeing where fintech, certainly due to the limited regulatory requirements for controls, may not have the same level of security or practise the same protocols and rehearse the same scenarios as a more traditional banking institution would.
IBM recently released the Cost of a Data Breach Report. It states that a year after the Biden administration issued a cybersecurity executive order that centres around the importance of zero trust to strengthen the nation’s cybersecurity, only 21% of critical infrastructure organisations studied adopted a zero trust security model. 17% of those critical infrastructure breaches were due to a business partner being compromised, highlighting risks that over-trusting environments pose. What does this mean for businesses going forward, especially in light of the expansion of the IOT and digital ecosystems?
This year, the 2022 Cost of a Data Breach, is our 17th year of releasing this report. On that topic of the Biden administration cybersecurity executive order pushing for critical infrastructures and zero trust, I’ll say that the critical infrastructure is a wide bucket.
It’s not just financial services. It’s also healthcare, manufacturing and energy. The financial services industry probably makes up a majority of that 21% that have adopted a zero trust model. Financial services has traditionally had the most to lose. Since the beginning of banking, they’ve always had a currency, they’ve had that money, attackers go where the money is. It’s only been within the past decade or so that the IOT devices have begun to create data.
But data is the wealth that everybody’s after. That’s the new currency of the 21st century. As far as the expansion of the IOT and the digital ecosystem goes, it is certainly a concern… This is an opportunity to get security right. Traditional organisations via the buildup of the internet, made the connections, and then added security on after the fact.
Now, as organisations are joining the cloud through the use of regulated clouds or industry specific clouds, security is built in through design.
The challenges that other critical infrastructures that are less mature (such as healthcare, manufacturing and energy) as those legacy IOT systems come online, we’re going to see a significant jump in the overall security posture of those organisations because of the shift from legacy infrastructure, which was never meant to be connected online and is now moving to cloud, and therefore having security by design, security integrated, along with regulated cloud structures.
So what type of breaches are most likely to occur specifically within fintech at this time and possibly going forward?
In terms of cybersecurity, fintech is one of the areas that’s probably going to see the most success. But the most popular method of infiltration is phishing – and that is going to occur. As people join some of the new fintech technologies, they may not be as familiar with how that organisation reaches out to them. A simple phishing email of, “Hey, this is such and such org. Just want to confirm that… Please respond back with your account number and passwords so we can ensure that this transaction goes through”, is very common.
Stolen and compromised credentials are absolutely a concern with organisations because they may not have a very robust security programme. The security personnel could be one or two personnel working within that fintech. Cloud misconfiguration is certainly a concern for fintech too.
In terms of ransomware and malware, that is a concern. We’ve seen instances where ransomware attacks have occurred, although I wouldn’t say fintech is any more susceptible to a malware or ransomware attack than a traditional bank.