As local digital money transactions accelerated during the Covid-19 pandemic, local financial sectors are advised to integrate security and improve their threat intelligence capabilities.
Kaspersky Southeast Asia general manager Yeo Siang Tiong said the financial sector is uniquely positioned to be a target of attacks by cybercriminals because that is where the money is.
“The growth of digital financial services in the Malaysia, like in other parts of the region, is creating new and heightened risks for both service users and service providers. In this case, technology will be the game-changer,” Yeo said.
The MasterCard Impact Study 2020 report’s findings showed that Malaysia led Southeast Asia in e-wallet use, at 40% uptick, compared with the Philippines (36%), Thailand (27%) and Singapore (26%).
The Ministry of Finance of Malaysia, under the recently launched MyDIGITAL, also aims to ensure that payments for all government services will be made on a cashless basis by 2022.
Yeo said with the continuing lockdown, increase in remote working arrangements and the full throttle push towards digital transactions, not all banks are prepared to handle cyber threats.
“While it is a huge responsibility for banks and financial service providers to secure their virtual systems, investing in the most intelligent solutions is essential as they build their cyber defenses to better protect their customers and their businesses.
From a cybersecurity standpoint, threat intelligence is an advanced, specialized framework that the financial sector will significantly benefit from.” Yeo said
According to Kaspersky’s recent IT Security Economics Report, threat intelligence is considered an area of investment for 41% of enterprises and 39% of SMBs in response to a data breach.
“To secure ongoing efforts for digital connectivity, identification, and payments infrastructure, up-to-the-minute threat intelligence feeds play a vital role in keeping tabs on the cyberattacks that grow in both frequency and complexity.
“Threat intelligence can identify and analyze cyber threats targeting a business. It’s about going through piles of data to examine it, to spot real problems and deploy solutions specific to the discovered problem.
“But threat intelligence is not to be confused with threat data which is a list of possible threats. Threat intelligence is when IT specialists or sophisticated tools “read” threats and analyze them, and apply historical knowledge to know if a threat is real, and if it is, what to do about it,” Yeo explained.
For industries like the financial services, threat intelligence is an important part of a security strategy to prevent data loss, provide direction on safety measures and inform others.
A well-structured cyber threat intelligence (CTI) program means a company can spot cyberthreats and keep data breaches from releasing sensitive information.
CTI spots patterns used by hackers and helps businesses put security measures in place to safeguard against future attacks.
Cybersecurity experts can then share the tactics with the IT community to create a collective knowledge base to cybercrimes.