SWIFT’s Decision to Hire Cybersecurity Firms is Step in a Right Direction; but Banks Need to Do More
July 15, 2016 | Privileged Identities, IT Security, Privileged Access Management, Security Breach
Earlier this week, the world’s biggest money-transfer system, Society for the Worldwide Interbank Financial Telecommunication (SWIFT), announced that it has hired two IT security firms to monitor customers’ use of its transaction system. The Brussels based organization felt the need to reinforce cyber-defenses as the global financial system remains alarmed by a spate of recent bank-heist across the world.
Recently, the Central Bank of Bangladesh suffered a massive security breach. In a highly sophisticated operation, cybercriminals stole about $100 million after gaining an access code for the global cross-border payment messaging system. The operation allowed hackers to transfer cash to their account. Following this incident, banks in Ukraine, Vietnam and Ecuador reported cyber-heist.
SWIFT’s decision to hire IT security firms is a step in a right direction. As we highlighted earlier, such incidents are not possible without privileged identities’ misuse. A vulnerable IT system at banks allow malefactors to exploit their weakness by getting hold of the ‘sensitive data’—access code in this case. With the recent development, any attempt to hack the transfer system will be promptly detected.
However, the threat of a data breach for banks is not confined to the global cross-border cash transfer system. Financial institutions, especially banks, remain vulnerable to innumerable threats arising from a misuse of privileged identities. Indeed, banks typically keep up several privileged accounts that form a large pool of highly sensitive data. It could be credit, debit card details, customers’ personal information and some other type of critical data.
This highly sensitive data are stored in innumerable data base. This means that a bank’s critical data remains accessible by several System Admins. In some cases, this data is accessible by third-party consultants. Outsourcing data storage to Cloud Computing service providers is one example.
In this backdrop, monitoring privileged identities becomes a daunting task. If organizations fail to adapt a proper IT risk-management solution, malicious insiders, disgruntled employees or hackers can wreak havoc by misusing privileged identities.
This is why it so important today for financial institutions to adapt Privileged Identity Management / Privileged Access Management Solution. This foolproof risk management technology not only allows firms to predict, protect, and prevent the privileged accounts from identity theft but it also helps fulfilling the Governance, Risk Management and Compliance (GRC) requirements.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behavior Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.
Need a solution for safeguarding critical IT assets? Please contact us