Select Page

In Asia, banks are facing a significant challenge as they contend with a surge in cyber attacks. Experts point out that this issue is made worse by the shortage of adequately trained professionals in the industry who can safeguard banking services from cyber threats. They emphasise the necessity for a collective effort across the sector to ensure an adequate number of skilled individuals are placed in appropriate positions. Furthermore, banks must take proactive measures to guarantee their teams possess the right expertise.

A report from S&P highlights that smaller banks in the region are particularly vulnerable to cybercrime, primarily due to their limited resources, resultingt in fewer skilled personnel available for defence against attacks. While cybercrime is a global concern, its impact is especially pronounced in Asia. A study by cybersecurity firm Checkpoint revealed that during the first quarter of 2024, there was a staggering 16 per cent rise in cyber attacks within the region. Additionally, data from the World Economic Forum indicates a worldwide deficit of four million cybersecurity professionals, with Asia-Pacific bearing the brunt of this shortfall—lacking approximately 2.5 million qualified individuals across various sectors.

 

The threat posed bycyber-attackss is acutely felt throughout Asia’s banking industry. In June, the Reserve Bank of India (RBI) issued an advisory alerting regulated entities about credible intelligence regarding potential cyber threats. It urged them to enhance their surveillance and resilience capabilities accordingly. The RBI specifically advised banks to keep a close watch on critical systems such as Swift and India’s National Electronic Funds Transfer system, as well as its mobile payments platform, Unified Payments Interface.

This warning followed reports revealing that Indian banks experienced 13.2 million cyber attacks between January and October 2023 alone. Alarmingly, over half—54 per cent—of these incidents occurred due to inadequate protective measures against IT system breaches, totalling more than 7.1 million attacks; contrastingly, only 711 phishing attempts were recorded during that same timeframe.

 

In Australia, banks have also acknowledged their vulnerabilities; Chris Sheehan from the National Australia Bank remarked on the Australian Broadcasting Corporation at the start of July that every bank faces constant attack attempts. Meanwhile, Kazuo Ueda, governor of Japan’s central bank, cautioned earlier this year about how rapid digitalisation within Asia’s financial systems has heightened risks related to both cybercrime and money laundering activities. In response to these growing concerns, Japan’s Financial Services Agency proposed amendments to its regulatory framework aimed at bolstering security measures against potential cyber threats in June.

In the region, while larger banks have managed to strengthen their resources and fortify their cyber defences, this has inadvertently made smaller financial institutions more appealing targets for criminals, according to Natasa Perucica, who leads capacity building at the Centre for Cybersecurity at the World Economic Forum. She highlights that the ongoing brain drain—where skilled professionals from developing markets seek employment abroad—compounds this challenge. To mitigate these risks, Perucica suggests that smaller banks should focus on bridging the cyber talent gap by nurturing homegrown talent and enhancing the skills of their current employees for cybersecurity positions. Furthermore, she emphasises the importance of investing in local educational and training initiatives, creating attractive job prospects, and implementing policies aimed at retaining local expertise.

 

Nico de Lange, an analyst with S&P Global Ratings in Sydney and author of a relevant report from S&P, points out that smaller banks can benefit from engaging consultants or third-party cyber risk service providers on either a full-time or as-needed basis as a cost-effective solution. These services can often function similarly to a virtual chief information security officer (CISO). However, de Lange cautions that while these external experts may possess valuable knowledge and be less expensive than hiring a full-time CISO, they might need more long-term dedication and more insight into the specific operations of smaller banks.

 

To attract essential staff more innovatively, smaller financial institutions could consider forming partnerships with universities to create apprenticeship and internship programs. According to Perucica, such initiatives would offer students practical experience in cybersecurity within a banking framework while simultaneously helping to develop a future workforce equipped with skills tailored to meet the unique challenges faced by small banks.

Perucica emphasises that while banks must implement their security measures, a collective effort across the industry is key to combat cybercrime effectively. She points out that the challenges posed by workforce shortages are not limited to individual organisations or sectors; instead, they affect the entire regulatory landscape. To mitigate these risks, she advocates for comprehensive strategies focused on attracting, training, recruiting, and retaining cybersecurity professionals. By collaborating and sharing resources and expertise, various stakeholders can build a strong and resilient cybersecurity framework—one that is vital for improving overall safety and resilience within society.

 

When it comes to smaller financial institutions seeking protection from cyber threats, Perucica suggests that these banks consider forming partnerships with organisations that boast highly skilled personnel. In their hiring efforts, she encourages small banks to explore diverse pathways: they should aim to engage underrepresented groups in the cyber field, such as women, through targeted recruitment campaigns and inclusive workplace practices. This approach not only enhances diversity but also fosters innovation within their cyber security teams.

Maxthon

 

Maxthon has made significant strides in enhancing the security of web applications, adopting a holistic approach that prioritises both user safety and data protection. The browser utilises advanced encryption technologies, creating a robust barrier against unauthorised access during data transmission. As users interact with various web applications, their sensitive information—such as passwords and personal details—is encrypted and securely transmitted, making it exceedingly difficult for malicious actors to intercept or misuse this data.

 

In addition to its formidable encryption features, Maxthon demonstrates its commitment to security through regular updates. The development team is proactive in identifying known vulnerabilities and swiftly releasing patches to resolve these issues. Users are strongly encouraged to enable automatic updates, which allows them to seamlessly benefit from the latest security improvements without requiring any extra effort on their part.

 

Another key feature of Maxthon is its built-in ad blocker, an essential tool for safeguarding users by filtering out potentially dangerous advertisements that could compromise their safety. By removing unwanted content, Maxthon significantly lowers the likelihood of users becoming victims of phishing scams or inadvertently downloading malware through drive-by attacks.

Phishing protection is particularly noteworthy within Maxthon’s security framework. The browser actively identifies suspicious websites and alerts users before they navigate to these potentially risky sites. This proactive strategy adds a layer of defence against cybercriminals who seek to exploit unsuspecting individuals for their personal information.

 

For those who prioritise privacy while browsing online, Maxthon offers specialised privacy mode options designed specifically for this purpose. When activated, this feature ensures that no browsing history or cookies are saved during private sessions, providing users with enhanced confidentiality during their online activities.