Cybersecurity in digital banking: new threats demand new strategies

Banks and other financial institutions have been the target of choice for fraudsters, scammers, and other criminals since the beginning of time. With the ongoing digitalization of the entire banking universe, new and increasingly sophisticated risks have emerged, but there is also a new set of tools, constantly being redesigned and improved to protect both customers and financial providers, and to keep their confidence high when moving towards a new digital era. ebankIT has long listed cybersecurity as one of its top priorities, creating new strategies and offering the best training to its own staff and network of clients and partners.

Being one step ahead: Perceiving cybersecurity as way of living

As one of the prime targets for cybercriminals, financial institutions have been at the forefront of the cybersecurity efforts for years, aiming to protect the vast amount of sensitive information from their clients, both personal and corporate. However, variables such as the increasing number of user-operated devices, and the rapid adoption of digital platforms by a new wave of customers – especially during the Covid-19 pandemic – have raised the threat level to an unprecedented scale.

In these ever-changing times, both financial institutions and digital providers must learn how to expect the unexpected. Relying on the words of Nuno Mateus Coelho (speaker at the last ebankIT Summit), “Cybersecurity must be perceived as a way of living”, not as an emergency tool, only used when facing a threat or during an ongoing attack.

To face the ever-growing Cybersecurity threats, financial institutions must stay one step ahead of the game. Nowadays, there are a growing number of challenges to overcome: cyberwar, cryptojacking, anti-democratic cyber-attacks, cyberespionage, major data breaches, and so on. The list is potentially endless and the only solution possible is to stay vigilant and innovative as the threat landscape is changing very quickly.

The ebankIT approach: It is always better to be future-proof than sorry

Over the last years, ebankIT has been focused on accelerating the digital shift for financial institutions. In this continuous effort to reshape the digital banking experience – for both customers and banking providers – cybersecurity has always stood out as one of the most important variables in the equation.

When redesigning and updating the ebankIT Omnichannel Digital Platform, we have no doubts that innovation is always the key. Regarding cybersecurity, ebankIT has long developed the ability to integrate with external systems, which allows us to continuously improve by adopting the latest developments of specialized systems. Our platform also resorts to machine learning and Artificial Intelligence to validate behavioral patterns and use their feedback to determine which actions to take at each moment. Each ebankIT banking mobile app, for example, complies with the most advanced and safe standards on the registration and authentication procedures, using different methods, such as multi-factor strategies and biometric technology.

At our innovation labs, our team also works closely with Cybersecurity Experts and Consultants, whose sole purpose is to keep up with all the latest developments in terms of digital security. Not only do they provide us with valuable insights, but they also conduct sophisticated vulnerability tests on our platform. Finally, we continuously articulate with our client’s security teams (both internal and external) to gather additional feedback and recommendations.

Better than solving a cyberattack is preventing it

A fundamental step towards building a strong cybersecurity protection system is identifying the biggest threats and possible attack modes. At ebankIT, our innovation labs also regard themselves as real testing labs, where each new update is tested to analyze potential weaknesses, strengthen overall defenses and remain compliant to every local and international regulation.

Within ebankIT, every testing process complies with the most up-to-date standards regarding the control and availability of documents and data. Information is codified and classified, in order to prevent any breach or leak. ebankIT also adopts Software Development Lifecycle (SDL or SDLC) that is repeated for each incremental release, always with a security-first approach in every aspect of the cycle.

The secret for a secure and efficient testing procedure is also accomplished by a deep environmental separation between development, testing and production. Sensitive data is not commonly shared between different environments.

Raising Awareness: Training future generations of both professionals and end-users

The question about cybersecurity is that is a never-ending battle. Cybercriminals will keep testing innovative ways to conduct ransomware and trick both professionals and end-users into giving away sensible data. Therefore, financial institutions need to stay ahead, not only in terms of technology, but also in terms of personal motivation and qualification. Both staff members and end-consumers must be aware of the risks and advised to follow the best practices.

At ebankIT, our Academy has been long focused on supporting employees, partners, and clients in acquiring and improving technical and behavioral skills. Cybersecurity is always a hot topic: it is important that each element on the network is updated and fully aware of everything that can be done to prevent leaks or attacks.

This is an additional challenge, especially for small and mid-size financial institutions, more closely connected with their local communities. ebankIT Omnichannel Platform is long used to help these financial institutions step up and accelerate their digital offer, and one of the most common pain points those customers encounter in journeys today is complying with cybersecurity habits. Especially those who are new to digital technologies – senior users (from 55 to 65 years old) are often targeted for cybercrimes such as Credit card fraud or identity theft.

At ebankIT, we are all very aware of the tremendous damage that these situations can cause on community-oriented financial institutions. Therefore, we are laser-focused on fighting the problem on both fronts: with innovative technology and continuous training.