Security and service assurance

Issue 3 2021 Financial (Industry)

The rise of the pandemic last year meant that corporates around the globe had to embrace a highly dispersed, virtualised environment to keep the wheels of business turning. This is now changing the way that banks need to move forward, with both their security as well as their service assurance.

So says Darren Anstee, chief technology officer for security at NETSCOUT, a global provider of service assurance, security and business analytics. He explains that, at the start of 2020, digital transformation in the financial services sector was already well underway and the intervening year has only accelerated this transformation.

Writing in a recent blog, he notes that, “The COVID-19 lockdown shut branches, forcing customers online; in fact, it is estimated that 35% of customers have increased their online banking usage during the pandemic… Customers that have grown accustomed to the speed and convenience of online banking are unlikely to revert to call centres or go back to using an agent or a branch to the same extent as they did previously.”

At the same time, banking employees who had been working on secure corporate infrastructure at banking premises became suddenly spread across thousands of far more vulnerable home office locations.

Anstee clarifies: “In the US, for example, Bank of America and Wells Fargo transitioned more than 150 000 employees – or roughly 70% of their workforce – to work from home. And in the UK, Nationwide moved 98% of its workers to work from home in the space of just five days.”

And this fact comes with a warning: “It’s unlikely that tens of thousands of workers can be redeployed within a few days without a few security issues being overlooked in the process.”

Predictably, threat actors around the globe were quick to take advantage of the sudden requirement to move employees into remote working arrangements. Distributed denial of service (DDoS) attacks crossed the 10 million mark during 2020. For the first time in history, as reported by NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT), more than 10 million DDoS attacks took place in a single year, showing how much the COVID-19 pandemic had assisted the activities of threat actors.

DDoS attacks occur when threat actors try to disrupt normal traffic to the enterprise by overwhelming the target with a flood of Internet traffic, at volumes that the system cannot handle. In this way, genuine users cannot gain access.

Similar risks in Africa

Returning specifically to financial services, South Africa is internationally recognised as having a sophisticated financial services sector, which is backed by a sound regulatory and legal framework. It is also becoming a target for cybercriminals.

Risna Steenkamp, general manager: ESM Division at value-added distributor Networks Unlimited, clarifies, “As with international financial services players, key local banks in South Africa were also well on their way with their digital transformation journeys before the pandemic struck. This is outlined, for example, in information from Standard Bank in 2020[1] on steps taken to help the bank deliver a faster time-to-market on products and services, while ensuring its IT infrastructure was optimised; as well as by Absa’s digital transition, which came about as a result of its separation from Barclays from 2017 to 2020[2], and which, reports the bank, created new opportunities for Absa, particularly around the use of big data to build its customer intelligence and experience offering.


Risna Steenkamp.

“Last year, our local financial services had to make their own quick adjustments to the new world order. However, having to move swiftly to keep working during the initial hard lockdown in March 2020 did not help with an already difficult security situation.”

In 2020, Irish multinational consulting firm Accenture released a report entitled: Insight into the Cyberthreat Landscape in South Africa[3] that revealed a pronounced spike in cyber-attacks in 2019, with all sectors being hit by cybercriminals.

Steenkamp notes, “The report outlined that South Africa had the third-highest number of cybercrime victims globally for the reported period, translating into losses of around R2.2 billion in cyber-attacks. I imagine that once the data for 2020 has come in, the figures will continue to paint a dismal picture. For example, we know already that local financial services companies PPS and Momentum Metropolitan came under cyber-attacks during 2020 and 2021[4], as did consumer credit reporting company Experian[5].

“It all speaks to the imperative need for cybersecurity across all sectors and banks, with their access to critical personal information, will only survive if they are able to protect their customers’ security details while also operating top-quality customer service. This is as true whether they are interfacing with their customers in a bricks-and-mortar or a virtual scenario.”

According to Anstee, the reactive changes that took place across the globe last year have had huge implications for the financial institutions involved, both from a service assurance and a security perspective.

He explains, “The key objective of IT and business leaders now must be to ensure the reliable delivery of mission-critical business services. Financial services institutions cannot function effectively in this new normal unless their customer-facing applications and virtualised business processes can operate reliably and securely across wired and wireless environments. With cybercriminals enthusiastically exploiting pandemic vulnerabilities, the need for advanced automated DDoS technology is clear.

“Meanwhile, service assurance requirements mean that companies must test and monitor new digital transformation projects over both wired and wireless networks – during and after deployment – to assure a quality user experience. It also requires that companies establish baseline service response times for new and existing services and introduce rapid service triage to reduce the time it takes to identify and remediate any vulnerabilities. Ideally, customised analytics would provide key insights into all business-critical applications and services.”

NETSCOUT is distributed throughout Africa by Networks Unlimited.

Networks Unlimited Africa, Janco Taljaard, +27 11 202 8400, [email protected], www.networksunlimited.africa

[1] https://www.standardbank.com/sbg/standard-bank-group/whats-happening/newsroom/Standard-Bank-accelerates-digital-journey-to-enterprise-development-with-Microsoft,-SAP

[2] https://www.news24.com/fin24/companies/financial-services/absas-split-from-barclays-as-good-as-complete-20200608

[3] https://www.accenture.com/za-en/insights/security/cyberthreat-south-africa

[4] https://www.businessinsider.co.za/pps-hit-by-cyber-attack-report-2021-3

[5] https://mybroadband.co.za/news/security/365838-experian-data-breach-personal-data-of-millions-of-south-africans-found-online.html?utm_source=BusinessTech&utm_medium=SponsoredArticle&utm_term=February2021




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Africa’s largest data centre obtains internationally accredited certifications
News IT infrastructure Financial (Industry)
Africa Data Centres has strengthened the integrity of its day-to-day running by acquiring ISO certifications through the internationally recognised authority in ISO certification, the British Standards Institution South Africa (BSI).

Read more...
Fire safety in financial organisations
Financial (Industry) Fire & Safety
The data that drives modern finance is physically stored and processed by banks of equipment in cabinets where they give off a significant amount of heat as a side effect to their furious electronic activity.

Read more...
Keeping a constant eye open
Secutel Technologies Financial (Industry)
A cash management process involves several moving parts, each of which is important to the success of avoiding cash theft by internal staff or external people. Financial institutions must protect their ...

Read more...
Cash management with biometrics
Suprema neaMetrics Financial (Industry)
By integrating biometrics into cash handling solutions, the risks that cash is exposed to, including fraud, theft and unintentional loss, can be mitigated.

Read more...
Road blockers to prevent forced entry
Turnstar Systems Financial (Industry)
Road blockers provide higher levels of security with built-in stopping power and are used extensively for premises such as banks, embassies, bullion depots, cargo parks, ports and truck parks.

Read more...
Entersekt partners with Capitec Bank
Financial (Industry)
Entersekt integrates NuData Security’s behavioural analytics intelligence into its EMV 3-D Secure solution to provide Capitec customers with real-time risk-based authentication for online purchases.

Read more...
Russia/Ukraine war and its effect on financial institutions
Technews Publishing Editor's Choice Security Services & Risk Management Financial (Industry)
ASIS SA’s treasurer, Erica Gibbons, highlights some of the effects financial institutions should look out for as a result of the war between Russia and the Ukraine.

Read more...
Physical security solution at the JSE
Turnstar Systems Financial (Industry)
Turnstar was recently contracted to provide the JSE with a comprehensive site- and client-specific solution, designed for maximum safety and security.

Read more...
Insider threats a bigger challenge
Financial (Industry)
Now more than ever, insider threats pose a serious risk to financial institutions, especially those that have transitioned to alternate work environments to ensure business continuity.

Read more...
Banking on surveillance, AI and analytics
Cathexis Technologies Financial (Industry)
CathexisVision video surveillance capabilities and smart video analytics help detect and cut fraud-based events and their resulting losses as well as facilitate the gathering of business- and consumer-related intelligence.

Read more...