The State of Commercial Banking and Security

The shift to digital banking has been a game-changer for financial institutions. But while digital has opened up whole new avenues for customer experience and revenue within the banking sector, one major worry continues to cause many financial professionals to lose sleep: Cybersecurity.

The banking industry is home to troves of valuable data—not to mention money—making it one of the biggest targets for cybercriminals today. Moreover, as financial institutions face more threats than ever—80% of financial institutions reported a rise in cyberattacks in 2020, which is 13% higher than in 2019—banks’ security resources have been exhausted, making it more difficult to detect and respond to security threats in a timely and effective manner. This has created a perfect storm that cybercriminals are looking to capitalize on.

With that in mind, here are a few areas that financial institutions should prioritize as they look to fortify their cybersecurity operations.

Tackling the Legacy Infrastructure Problem

The cloud computing revolution has taken many businesses and industries by storm. However, although the banking industry is perceived as being on the cutting edge of technology adoption, the fact is—particularly in the commercial banking space—that many banks still rely on legacy infrastructure and other traditional technology tools. On-premises warehouses are a huge security vulnerability; but they’re one example that many organizations in the financial world still rely on today. Rife with potential security issues and other operational challenges, on-premises infrastructure is incredibly time-intensive and costly to manage properly. Additionally, on-premises infrastructure is extremely rigid and is not easy to scale and adapt—meaning that unintentional security hiccups can occur should a company onboard new technology or look to expand its on-premises infrastructure to cope with company growth. Luckily, these headaches can be avoided. By switching to the cloud, not only does it become easier for day-to-day security staff to manage operations and defend against potential threats, but it also unlocks new organizational agility as well. Thus, the time may finally have come when banks need to trade in those physical stacks for a more streamlined and secure way of doing business.

The COVID-19 Effect

Digital transformation efforts have been underway in the banking sector for a long time. However, even the most sophisticated banks still felt the strain as COVID-19 drove banking interactions almost entirely online. And while many banks did an admirable job spinning up their digital operations at an incredibly rapid rate, the security of these digital experiences often took a back seat as banks raced to “get online” as quickly as possible. With that, it is imperative that banks backtrack and make sure that their technology is as secure as it can be. This means not only ensuring that new consumer-facing apps are up-to-snuff but also double-checking internal operations to make sure that best practices for employees are up-to-date and only secure devices are being used—among other things. 

Leveraging APIs

 Building secure solutions is a huge undertaking from both a time and cost perspective. Which is why many banks are trying to retrofit and update existing apps as opposed to adopting more modern tech. Enter APIs. Application programming interfaces (APIs) can save banks from some of these security concerns while providing the desired customer experience. By leveraging APIs, not only can banks provide innovative solutions to their customers at a faster pace, but they can offload the heavy-lifting of building solutions to trusted third parties—saving them time and money. Furthermore, as more of the financial world shifts to open banking, having secure APIs in place will help banks more easily adjust to this new way of doing business.

The cybersecurity threat landscape is as hectic as it has ever been, and unfortunately, it will likely continue heating up. However, by keeping these few items in mind, financial and banking institutions can tackle many of the pressing security issues they face today and also better position themselves for the future cybersecurity threat environment as well.

Avatar photo

Maryam Hamidirad

Maryam Hamidirad is head of cybersecurity at FISPAN. As the market leader in ERP banking, FISPAN works alongside some of the largest global banks, such as J.P. Morgan Chase and City National Bank, among others.

maryam-hamidirad has 2 posts and counting.See all posts by maryam-hamidirad