Cyber Security

Fighting financial cybercrime with data

C By Carlo Lacota Assistant Vice President, Banking and Financial Services, Cognizant &

Dushyant Kapoor Director of Consulting, Banking and Financial Services, Cognizant

52 | Chief IT

ybercrime is a serious threat to anyone and everyone online. However, in the digitally connected world with online transactions far outnumbering those in hard cash, the threat couldn’t be higher for financial services and banking firms. For established brands, even the smallest data leak or security breach could rapidly balloon into a front page news story, costing more than just the loss of their data to cybercriminals: It could also lead to a loss of customers’ trust in the financial institution, ultimately leading to irreparable business loss and significant financial costs. Banks are having to deal with a new generation of customers who expect to be offered a plethora of personalised banking services and would switch banks easily if they thought their data was not being used well or was being compromised.

Banks and other service organisations understand that collecting client and industry-related data is the key to successfully digitising and retaining a tech-savvy customer base. However, it also makes them an ideal target for hackers who are using more and more aggressive and sophisticated techniques — including ransomware and mobile phone hacks — to get access to customer and financial transaction data. Devising the right privacy and protection policies for the goldmine of customer data is critical for the banks to, on the one hand, deter potential hackers from getting unauthorised access to that data and, on the other hand, allow customers to transact effortlessly whilst allowing internal staff appropriate access to that data in order for them to provide customised experiences and relevant offers to the customers.

Data: A path to customer centricity

Understand, research, and then plan

In the digital world, customers are generating increasingly vast amounts of data through every online transaction and touch point. While on the one hand, protecting this customer data is a challenge for the banks, it is being used by the banks to better understand their customers and develop customised offers for them.

The first step in implementing adequate controls is to understand the risks and their business impact. Banks need to invest time in properly assessing the risks they might have to confront. To be relevant and give banks enough information to future-proof their business, this assessment should be based on the organisation’s size, channels, geographies, customer types,