An international cyber security expert working for protecting cyberspace of the government of Bangladesh said here today the organizations, financial institutions (FIs) and their clients must comprehend that cyber threat and crime models have been changing due to fast growing digitization.
“There should be mandatory physical security and numerous cyber security guards assigned and trained appropriately in each organization to protect its own cyberspace,” said Dr. Vilius Benetis, CEO of Norway based NRD Cyber Security (CS) in an interview, reports BSS.
He said instead of physical attacks on banks, the criminals are now benefiting from cyber-attacks and therefore financial institutions should develop new skills and knowledge on how to protect them.
The NRD CS has been appointed by the World Bank financed Leveraging ICT for Growth, Employment and Governance (LICT) Project of Bangladesh Computer Council (BCC) under ICT Division to enhance cyber security skills of the government officials and provide support to form Computer Incident Response Team (CIRT).
Missing proper knowledge on the new threats and lack of skills on how to use methodologies, technologies and implement cyber-hygiene are the main hindrances to the cyberspace protection of the most organizations and financial institutions (FIs), Dr. Vilius observed.
He suggested that financial sector organizations should start from building their own capabilities to protect their cyber space through forming internal CIRTs, adjusting processes and then they should cooperate in an organized way with other national and regional CIRTs to ensure the security of their assets and clients.
“Additionally, organizations should focus on their cyber-security hygiene, adopting and implementing such practical frameworks like CIS Critical Security Controls, which already benefited many organizations around the world,” he added.
Describing the role of cyber defence companies in tracing the security breaches, NRD CS manager said that their task is to empower the financial institutions to be able to secure and monitor their IT and banking systems, detect incidents and respond appropriately in order to reduce losses.
“It is done by the means of creating internal CIRTs of incident handlers who work according to a specific process,” he said.
Dr. Vilius is in favor of allocating adequate budget to deal with cyber-security issues as more assets are moving to digital world and said more investment is required to protect it.
“What is not so obvious is that cyber-hygiene is not expensive at all due to many existing commercial as well as open source tools. What actually costs the most is the setup of appropriate processes allocating teams, and building the required human skills,” he added.