Hong Kong focused on preventing cyberattacks this year
CYBERSECURITY in organizations needs to lock up tighter. Cybercrimes are on a dramatic rise in Hong Kong with the banking sector at its center.
As more digital banking solutions are introduced, cybersecurity risks have increased according to Chairwoman of the Hong Kong Association of Banks (HKAB), Mary Huen Wai-Yi.
“It is important for the banking sector to step up risk management to protect the interests of their customers,” she told the South China Morning Post.
The country lost more than HK$2.2 billion (US$280 million) lost and suffered more than 9,000 cyberattacks in the first nine months of last year. It is clearly a major target for hackers.
Online scams such as false banking websites, phishing emails, and fake banking apps rack up to 142 cases in 2018. In 2017, there were 44 cases. The year before that, there were only 35 incidents.
In the Hong Kong Monetary Authority (HKMA)’s year-end review presentation, it was proposed that the financial sector will step up its efforts to combatting cybercrimes through the Cyber Resilience Assessment Framework (C-RAF).
C-RAF is a three-part assessment instrument that helps AI evaluate cyber resilience for the banking industry.
The first step in the framework is to assess the level of cybersecurity risk inherent in the bank’s existing systems and put them into buckets such as ‘low,’ ‘medium,’ or ‘high’ risk.
After that, an artificially intelligent (AI) algorithm can be used to determine if the level of the bank’s cybersecurity is mature enough. If it isn’t, the AI can be used to outline a plan to improve its resilience.
Lastly, the framework recommends a test that simulates real-life cyberattacks.
At this point, there are still some concerns regarding the practicality of the simulation recommended by the framework, the HKMA intends to adopt a phased approach to ensure its effectiveness.
HKMA Deputy Chief Executive Arthur Yuen Kwok-Hang said at a recent media briefing that his organization would monitor Hong Kong banks’ cyberattack recovery competency.
There are no one-off solutions when it comes to cybersecurity. Especially so when it comes to the banking sector that presumably requires more attention to detail.
As banks climb the digital maturity ladder, hackers too will become more sophisticated. Banks, therefore, need to be more aware and vigilant in the coming months to keep their digital assets safe.
Managing cybersecurity is not going to be a walk in the part for IT professionals. However, banks must invest significant resources and pay attention to the trends in cybersecurity to safeguard themselves and their customers.