Digital transformation is disrupting the finance industry in Asia-Pacific and likewise driving positive change, however, cybersecurity risks have also increased significantly. Palo Alto Networks recently released a survey revealing a high level of awareness within the sector to invest in cybersecurity measures. 72 percent of respondents claim to have received additional cybersecurity budgets over the past year – above the average of 66 percent, across all industry sectors surveyed. This shows a good understanding on the importance of dedicating resources to avoid cyberthreats.
Furthermore, 52 percent of financial institutions have also adopted big data analytics to detect security breaches and fraud, which is significantly higher than the overall average of 33 percent. A high percentage of financial firms dedicating resources on big data analytics to mitigate cyberthreats indicate how cybersecurity is critical for today’s traditional banks embracing digital technologies to deliver modern-day conveniences such as mobile banking.
However, just like the industry-wide sentiment of organisations across the region, 55 percent of financial institutions still feel that a rather reactive, detect and respond approach towards cybersecurity is still more important than prevention. As it takes approximately 98 days on the average to detect an attack, majority of attackers have enough time to succeed before they get detected. This means that response after an attack is detected may be a little too late. In the current financial year alone, 3 out of 10 financial institutions in Asia-Pacific surveyed have lost over USD 100,000.
Other key findings:
- There is a need to be mindful of external threats: 43 percent of respondents in the financial sector noted that most risk comes from third-party service providers. In fact, 50 percent of respondents said that their network’s exposure to external users like clients and suppliers is the primary barrier to ensuring cybersecurity. It is no wonder then, that 85 percent of financial institutions place a security policy on BYOD (bring your own device).
- Financial institutions demand external cybersecurity expertise, just like all other industries: 62 percent of financial institutions outsource cybersecurity to Managed Security Service Providers, higher than the 59 percent across industries.
- Cyberthreats should not disrupt 24/7 digital banking services: Other than monetary damages, financial institutions are also most worried about company downtown while a breach is being fixed (28 percent).
Over the past few years, we have seen the finance industry taking greater action to ensure that their organisations are able to effectively mitigate cyberthreats. However, before even talking about cybersecurity budgets, financial institution must first ensure that they adopt an approach that minimise risks the most. A reactive approach towards cybersecurity simply isn’t enough to counter today’s most sophisticated cyberthreats, and we must not overlook the importance of prevention.
– Sean Duca
Vice President and Regional Chief Security Officer for Asia-Pacific
Palo Alto Networks
