Intelligent CISO caught up with Kamran Meer, CISO, United Bank Limited (UBL), to discover what operations look like in the banking sector as cyberattacks remain one of the biggest threats to the industry.
Can you tell us what your role looks like day-to-day?
I am responsible for information security of the bank. This involves everything from receiving team members’ updates on the bank’s overall cybersecurity status, along with any high-risk items and, where necessary, communicating these to senior management. In short, I oversee the smooth running of the bank’s security posture.
What are some of the cybersecurity implications you come across when working in the banking sector?
Unfortunately, the banking sector is one of the most heavily targeted by cybercriminals. We are always on the alert. We receive all kinds of threats – from basic phishing emails to more sophisticated attacks. Protection is a matter of having multiple layers of defence not just for the corporate network but also for our employees working from home during COVID-19 and for our customers.
What strategies do you have in place for overcoming cyber challenges?
Essentially, there are three security strategies that we must coordinate and run in tandem. The security technology strategy encompasses everything from our firewall to the endpoint protection. Coordination is managed by a team of security analysts in our Security Operations Centre (SOC). Recently, we have enhanced our SOC with the latest Security Orchestration Automation Response (SOAR) capacity. SIRP Labs’ platform provides our analysts with a clear view of the nature and severity of threat alerts while at the same time equipping them to make informed decisions about incident response priorities. Next comes the Board strategy whereby technical analysis about the nature and severity of threats is translated into a business context so they can easily understand and act upon it. Finally, we have a consumer strategy. This involves continually evolving our services and delivery platforms for our customers. For example, Digital Transformation is gradually changing the service delivery point from the physical presence on the high street to a virtual experience, using mobile banking. As these new services come on stream so do new risks and the onus is on the cybersecurity teams to stay several steps ahead of this progress.
How would you describe the current state of cybersecurity across the EMEA region and how do you expect it to develop?
The EMEA region is no different to any other in terms of the number of cyberattacks it faces daily. However, the overall cybersecurity picture in the EMEA region is maturing very quickly. Recent regulatory controls introduced by the government are ensuring banks submit to regular audit checks to ensure security policies adhere to industry best practice and standards.
How important is the protection of consumer data and what safeguarding practices do you have in place to ensure this?
Protection for customer data is paramount. Recent state bank and government legislation have beefed up the regulation governing customer privacy and data protection. The region takes PCI DSS and GDPR compliance very seriously. Banks are expected to do everything in their power to secure consumer data properly using data classification, database encryption and data leakage prevention techniques.
How do you expect the banking and finance sector to develop in terms of security preparedness?
We can expect banking in the EMEA region to follow along similar lines to the rest of the world. To stay competitive, we are evolving the Digital Transformation of our services. Before long, they will be almost exclusively available to customers via mobile or online. Automation and orchestration will be introduced to help under-pressure SOCs better prioritise and respond to increasing volumes of threat alerts. More and more services will be delivered via cloud applications – introducing highly complex, multiple points of risk. Here too, we can expect further automation to ensure security policy standards are instantly applied to every new point of risk.
What best practice advice would you give to someone looking to become a cyber professional in a role similar to yours?
All CISOs, regardless of geography, must continually study the global threat landscape and stay up to speed with the latest techniques to defend against them. CISOs require a mix of technical and people management skills, not least of which is the ability to speak to the Board on their own terms using the language of business.
What advice would you offer to CISOs?
Most CISOs come from a technical background but translating that technical know-how into language that resonates with the Board is a rare skill. It is one that a CISO would be well advised to acquire. Having the right blend of technical expertise and good communications skills gives a CISO the best chance of driving their cybersecurity strategy forward with the full support of the Board.Click below to share this article