Technology, regulation and the human touch: three pointers to stop cyber-crime
Geopolitical tensions, rapid advances in computing technology and the accelerated pace at which we live our lives online are raising the stakes for international organisations and their struggle to safeguard data.
While some of the recent spike in cyber hacks may be familiar, such as phishing attacks and ransomware, the technology and the sophistication of crime syndicates behind them are making threats tougher to spot and more likely to succeed.
Standard Chartered’s ‘Resetting Globalisation: Catalysts for Change’ released in 2023 found that 84 per cent of business leaders think the free flow of data around the world has a positive outcome. While the cross-border movement of data and technology drives transformational change, it also leads to concerns around ensuring the privacy and security of both people and markets.
Hackers are increasingly relying on automation and advanced technology to tamper or steal a company’s assets. Global organisations, including Standard Chartered, need to invest in preventive measures which include adopting cutting edge technology, working with regulators, enforcement bodies and partnering with other financial institutions to anticipate new threats, and deploying our best defence, our people, to safeguard our assets and remain vigilant to current tsunami of global risks.
Organisations can protect themselves from data leaks by better understanding their tolerance of risk. They also need to have the resources in place to deal with attempted heists of the company’s crown jewels: high-value personal data, payment systems and other super critical systems. Being prepared is crucial, yet so many firms still underestimate threats. Everyone has or thinks they have a plan in place, until they “get punched in the nose”, to quote the words of Mike Tyson.
At Standard Chartered we firstly hack ourselves on an ongoing basis before someone else can do it. We put ourselves in the shoes of the bad actors and look at what it is they may want to steal and the methods they may use to achieve this. We have a workforce of over 10,000 engineers globally that is constantly working to stay one step ahead of those who pose a threat. Using and developing the latest technology to protect and identify new risks is a daily (or even hourly) endeavour where the Bank works to anticipate and implement the necessary measures and controls to protect our systems and data.
With artificial intelligence and machine learning making it easier for online thieves to find a company’s vulnerabilities, we are watching Quantum computing as a potential threat, but also as a potential shot in the arm for the encryption that shields data from thieves. Developing and deploying the right technology is a constant evolution that requires firms to act nimbly yet decisively.
But the mood of the public, which also plays a role in the vulnerability of important business data remains debatable. That public mood is dark.
Geopolitical tensions and conflicts are ratcheting up the volume of vitriol flowing on social media. This rate of flow is proportional to the likelihood that a data breach will happen and its perceived potency when it does. As the threat grows, there are however tools to address it. Computing and automation can shore up data security by reducing error in labour intensive data security roles.
Secondly, outside of the bank, sound regulation and close collaborations with key government bodies in our biggest markets, including the US and EU, help set best practices on a broad scale. Retail clients, too, are more exposed to cyber threats and are keen to know how to protect themselves from would-be scammers.
The challenge is finding the right balance of cyber security and onerous governance. Banks can be made infinitely safer but would struggle under the weight of the added costs to the business and the client. At Standard Chartered we have deployed a significant partnership model across our network to ease the burden on individual firms and collaboratively use our collective intelligence to defend against threats.
Thirdly, the success of a people-centered cyber security strategy hinges on engaging with employees, clients, and the support of the executive leadership and collaboration with other banks. We are a member of global networks and organisations that are committed to improving cyber security including the Financial Services Information Sharing and Analysis Centre. This allows us to remain at the forefront of security developments in the financial services system, engaging regularly with the sharpest minds in more than 70 countries.
Businesses, and individuals, are now more exposed than ever to cyber-attacks and need robust security protocols in place, so the very same technology that benefits them, also poses a threat and a remedy. The question is – how do we harness the benefits of sharing data and technology that underpins globalisation, while ensuring the vulnerabilities are addressed?
The answer is a cyber security approach developed by relevant bodies working seamlessly together, harnessing the power of its people and technology, that is delivered in a controlled yet pervasive manner which both benefits and protects people, companies and markets.