Understanding Economy of Cybercrime in the Digitally Disrupted Banking Landscape by Tolga Tavlas
A sneak peek into the presentation by Tolga Tavlas at the upcoming 10th Annual Internal Audit & GRC Forum.
One of the main challenges Digital Banking professionals face is to find the equilibrium point between security and functionality. At the end of the day we all want to provide the best digital banking experience in the most secure way. So is this possible? I think it is. I like the “functional security” expression, which means security enabling the business, rather than disabling.
If the balance between security and functionality is not set well, security can become a huge obstacle in front of Digital Banking channels. Engaging clients and keeping them active is the main target of digital bankers. If your security structure does not make things easier on your side, you should reconsider what kind of improvements are required.
On the other hand, if your digital banking perimeter is not secure enough, you may end up with a loss of reputation, money and business. Security is a journey, not a destination. In other words, you will always need to do something about it – like updating yourself, your tools and your technologies against constantly changing threats and the cybercrime landscape. And whatever you have in your perimeter, the pieces should work together like a football team (preferably the German national football team, they always play the finals at the World Cup – regardless of the generation!).
Criminals always go where people go - this was the first thing we learned on the first day of Criminology class. The criminal mindset is quite simple: it follows where the money goes. When one of the most charming and intelligent bank robbers, Willie Sutton (who had forty years of an interesting criminal career), was asked "why do you rob the banks?", he answered "because that's where the money is." Yes, it is that simple...
As of today, we know that the future of banking will be mobile - so we can safely estimate that mobile will be the target for hackers. If you have a look at the security trends, you can easily see that the variations and types of attacks are moving very strongly toward mobile platforms. The most heart-breaking fact is that the capabilities of mobile apps developed by fraudsters (let’s call them malware) are much better than those of the legitimate banking apps (shame on us!). In other words, they know more about our clients than we do. The unfortunate result is that, if you rely heavily on client profiling in your security perimeter, criminal activity will be very hard to detect.
In my presentation, I will talk about changing customer behaviour and its influence on the banking security landscape. Mobile is now the most predominant banking platform; do we know and understand the threats to mobile, and do we know how to manage them? My intention is to share some insight on the topic and empower the audience with some fresh tips.
Hear from Tolga Tavlas at the 10th Annual Internal Audit & Governance, Risk and Compliance Forum, November 08-09, 2016 in Berlin, Germany.