PERSPECTIVES ON MODEL RISKS MANAGEMENT OF CYBER SECURITY SOLUTIONS IN BANKING!
Analog 2 Digital Global Consulting Pvt. Ltd.
ISO 9001:2015 & ISO 27001:2013 Certified Company: Your Digital Security Partner
What does the typical cyber risk solutions/tool landscape look like?
# Cybersecurity solutions are typically used for three key purposes
Cybersecurity remains at the top of the executive agenda, and banks are allocating more resources and investment to strengthen their cybersecurity defenses. Banks use a combination of #analytical models and deterministic solutions as part of a robust cyber framework. Cyber solutions are used in banking for the following three priorities: safeguard web and mobile applications, identify risk exposure, and review existing cyber defenses.
Safeguard #web and #mobile applications. With the increased transition to a digital economy, there is a need to implement the right solutions to protect a bank’s applications. Cybersecurity solutions are required to fulfill a set of objectives including detection and prevention of intrusions, data and messaging security, and access management. A range of solutions from advanced analytics (for example, ML) to rule-based approaches (for instance, expert-driven non models) can be leveraged to fulfill these objectives. As an example, #ML solutions play a key role in detecting and preventing intrusions and denial of service attacks. Similarly, analytical solutions are leveraged by banks to ensure data and messaging security and provide overall response to end point threats. On the other end of the spectrum, rule-based approaches are leveraged by banks to implement controls for managing the #Internet of Things (IoT) and preventing fraud from transactions. Additionally, qualitative, expert-based approaches are used for identity and access management, which are important since the introduction of shared data repositories and a cloud-connected world.
领英推荐
Identify #risk exposure. With the increasing uncertainty associated with cyber threats, banks are eager to understand the likelihood of suffering business or data disruptions and to identify cybersecurity risk exposure. Any kind of disruption can lead to economic impact, and it is important for banks to quantify the dollar value exposure they potentially have because of cyber risk. To measure the risk, organizations start by qualitatively creating a catalog of cyber risk areas the organization is exposed to. Next, the dollar value risk is simulated across a range of scenarios and compared against the risk appetite of the organization. Then, controls are designed and identified to mitigate or reduce risk. Once that is accomplished, it is essential to qualitatively monitor and periodically review the risk environment to identify emerging threats and ensure compliance with cybersecurity guidelines.
Review existing cyber defenses. Finally, with the dynamic nature of cybersecurity, banks need to periodically review and challenge existing cybersecurity defenses.