Innovative approaches for cyber resilience in the financial sector
“Amateurs hack systems, professionals hack people”, said Bruce Schneier, expert in cryptography and computer security.
Internet users are being increasingly manipulated with perfectly falsified mails, information or entire websites, which leads to the transmission of personal data or even illegal transactions. Cybersecurity has increasingly become a topic of major concern throughout all economic sectors. Cyber threats, which are constantly changing and evolving with digitization, are a very serious hazard to global financial institutions. Banks not only have sensitive and personal data, but also products and services accessible online and must therefore protect themselves particularly against cyber attacks. Consequently, banking regulators are also paying attention to the need to strengthen cybersecurity.
The reputation of a financial institution that secures the capital of consumers and companies in a transparent operation is now becoming an essential element of the cyber security strategy. The aim is to sustainably increase resilience. The changing system landscape requires continuous progress in the development of secure IT architectures and protective measures against criminal attempts to gain access and control over digital assets. This goes beyond targeted technological measures, because many incidents have shown that human behaviour often represents a critical weak point for organizations. Therefore, activities have been set around the world to improve standards, guidelines and regulations in order to achieve a high level of resilience, especially in critical infrastructures.
In the first part of the online symposium "Emerging Cybersecurity Standards for the Finance Sector in Europe", which took place on November 27, selected research results from European projects on cybersecurity in the financial sector were presented. Christian Derler, Head of the Cyber Security and Defense Competence Group (JOANNEUM RESEARCH), moderated the symposium.
Dr. Branka Stojanovic, Senior Researcher at the Institute DIGITAL, is focusing on the application of machine learning technologies for cyber security problems. In her talk “Challenges of new Technologies – Distributed Ledger and Cybersecurity” she presented first results of the European Horizon 2020 project Critical-Chains and explained the advantages of the distributed ledger technology: it is disruptive, transparent and reducing operation costs.
The project SOTER – Cybersecurity Optimisation and Training for Enhanced Resilience in Finance – has been presented in the talk of Martin Griesbacher “Understanding the Role of Human Behaviour for Cybersecurity in the Finance Sector”, which had been performed as a kind of journey to show the critical steps for a proper understanding of human factors in cyber security.
Dr. Ronald Hochreiter, Professor at the Vienna University of Economics and Business, focused in his talk on “Cybersecurity Issues in Fin-Tech Artificial Intelligence & Machine Learning Systems” on contemporary AI & Machine Learning problems and identified three different types of attacks of modern AI/ML hackers. He concluded, that cyber security of AI/ML models is the contemporary and important issue, it is especially relevant for Fin-Tech applications.
In the second part, which was moderated by Martin Griesbacher, expert of the Research Industrial Systems Engineering, RISE, the stakeholders from the sector discussed about their current challenges and needs with regard to cybersecurity and standardization. Cyber security experts from European universities, Professor Tina Ehrke-Rabel (University of Graz), Atta Badii (University of Reading) and Robin Renwick (Trilateral Research Ireland) took part in the symposium and gave their comments on talks.