search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Governance, risk & compliance


Yuval Illuz is developing new strategies to combat Covid-themed cyberattacks in the workplace.


upskilling and reskilling of our talent to bridge the cybersecurity talent gap will continue to be a priority as we focus on enhancing our human wall against cyberthreats.”


Aside from these very practical, day-to-day concerns, Illuz also thinks Covid-19 has occasioned a larger shift in the way we look at cybersecurity. The emphasis is moving away from preventative ways of managing risk (preparing for an incident before it occurs) and towards reactive ways of managing risk (adapting instantly to incidents). “2020 has taught us that the path to an overall stronger cybersecurity is agility,” Illuz explains. “This means having a more flexible cybersecurity architecture, helping our technology teams easily deploy the appropriate network controls. It also means investing in operational resilience as we grow trust and loyalty with our clients. And it means implementing a multi-cloud strategy, which enables us to better withstand the next threat to business continuity and prepare for the multiplicity of unknowns we faced all of last year.”


20,000- 30,000


The number of Covid-19 themed attacks a day in the US during the first wave of the pandemic.


Microsoft 54


“The bank aims to look at the business from a ‘threat-led’ lens to reduce the impact of new and increasing cyberthreats,” says Illuz. “We do this by identifying critical assets and sensitive data; determining the value cybercriminals could gain; exploring how these assets and data are currently stored and accessed; and pinpointing potential weaknesses and implementing resolution plans.” This said, he believes technology and processes are just one piece of the puzzle – while a predictable world can be effectively mastered with algorithms, a messy world requires human input. “Even the most stringent of plans are only as effective as the resilience of our first line of defence – our employees,” he says. “We continuously strengthen our ‘human firewall’ through training and awareness. We have also steadily increased our communications with our clients to keep them abreast and allow them to stay vigilant against the fast-evolving cyberthreat landscape.” The so-called ‘human firewall’ – a group of employees coming together to follow best practices, has been a point of weakness for many organisations during Covid. One commonly used tactic is the ‘spear phishing’ scam, in which an individual employee is targeted directly. They might receive an email, supposedly from their CEO, which asks them to make payments or supply sensitive information. To fix this problem, many banks are training a broader base of employees than they did before, with a greater emphasis on remote cyberthreats. “With a significant number of our people working from home, we now communicate and collaborate online more than ever,” says Illuz. “Therefore, we need to work harder to ensure the tools used meet the stringent security standards. Continuous


A zero-trust model Ultimately, then, Illuz thinks we are moving towards a zero-trust model, in which organisations are viewed less as a single entity and more as part of a wider ecosystem of different parties (including partners and cloud service providers, among others). Zero trust is how it sounds – a security concept predicated on the belief that you should not trust anything inside or outside your organisation. All users must be verified before access is granted.


“The same applies for solutions we implement, or apps we write – the zero-trust model will need to be embedded from the start,” says Illuz. “The challenge in doing this is how we keep our clients at the heart of it all – balancing a user-friendly experience with the complex requirements of various enhanced security practices.”


While we have no way of anticipating what lies beyond the pandemic, it would be safe to assume that today’s cybersecurity risks aren’t going to fade away as we all get vaccinated. Threats will continue to evolve, and the risk landscape will remain dynamic and dazzlingly complex.


Banks, in other words, will need to be vigilant if they want to quash tomorrow’s threats. They will also need to embrace this new reality as it is, rather than harking back to outmoded models of defence. “A survival mindset views disruptions as point- in-time crises to be addressed with the expectation that the organisation will revert to business as usual once the crises are over,” says Illuz. “To be future fit, we need to adopt a thrive mindset that recognises that disruption is continuous rather than episodic and embraces disruption as a catalyst to drive the organisation forward.” ●


Future Banking / www.nsbanking.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57