HCM CITY — Cybersecurity is one of the central issues in the digital transformation of the banking system.
To mitigate risks, banks must adopt synchronised solutions that include top-notch security technologies, an effective cybersecurity risk management process and a strategy to foster a cybersecurity culture, according to academics from the University of Economics HCM City Business School.
In a study titled ‘Cybersecurity risks in digital banking: The case of Việt Nam,’ Dr Phan Chung Thủy and other researchers said in recent years Vietnamese banks have embraced digital transformation and it entails security risks.
Typically cybercriminals attack banks’ systems to steal data or perform acts that cause losses to the bank and customers, it said.
Attacks targeting customers, impersonating bank employees, malicious fake messages purportedly coming from bank links, and websites disguised as banks’ to defraud customers are also becoming more widespread, it said.
The study cited Kaspersky as saying Việt Nam ranks 21st in the world in terms of phishing attacks with 673,743 recorded in 2020, only after Thailand and Indonesia in Southeast Asia.
According to a survey by the Việt Nam Information Security Association, more than 50 per cent of cyberattacks are aimed at banks and financial institutions.
A report by the Ministry of Public Security’s Department of Cybersecurity and High-Tech Crime Prevention said that in 2020 banks lost nearly VNĐ100 billion (US$4.39 million) in 4,000 cyberattacks, with a single bank suffering a loss of VNĐ44 billion.
To address these problems, the scholars suggested various solutions related to process, technology and people.
“The process-related solutions will focus on detailing steps in cybersecurity risk management together with detailed instructions to help banks identify and assess threats, and thus make active plans to prevent cybersecurity breaches and especially create effective incident response plans.
“The technology-related solutions are built by combining modern cybersecurity tools and techniques. They require banks to adopt artificial intelligence and ‘security orchestration, automation and response’ technologies, two types of technology that are appreciated by banks around the world.
“Despite its potential benefits, blockchain should be used with caution. There have been many reports recently that there are still many unknown hazards associated with this technology.
“For HR solutions, we suggest a proactive approach to raising awareness and fostering a cybersecurity culture at banks.”
The report also recommended that the Government and the State Bank of Vietnam should focus more on issues related to the legal framework and developing a national cybersecurity strategy.
Another solution is to limit cybersecurity risks for a comprehensive digital banking model.
“Based on the case of Brazil’s C6 digital bank, we recommend that authorities draft a comprehensive digital banking cybersecurity strategy.
“Furthermore, cybersecurity risks can be also mitigated with the use of a three-layer risk control model. In particular, the first layer is related to operating procedures, the middle layer is related to risk control and ensuring compliance with security principles and the final layer is related to internal control.”
It also offered some general advice to banks’ customers for protecting themselves against cyberthreats: by keeping personal information as safe as possible when using online banking services (installing anti-virus software and firewalls on network-connected devices), being wary of unscrupulous websites and fraudulent emails and messages and using different and strong passwords for different accounts. — VNS