Amid rising inflation and interest rates, and the growing number of cyber threats, businesses are constantly evolving in order to be resilient. This month, The Fintech Times is highlighting how businesses are showing this resilience against a myriad of factors – some within, and some beyond, their control.
So far this month, The Fintech Times has explored the likes of working from home, generative AI and cybersecurity trends. Keeping an eye on cybersecurity, we now turn our attention to some potential security challenges that we could see arise in the near future.
To find out more, we sat down with some experts to ask them ‘What challenges are cybersecurity firms anticipating in fintech during 2024 and beyond?’
Deepfake dangers
Tamas Kadar, CEO and co-founder of fraud prevention firm SEON, discusses the new ways in which AI is changing the face of fraud: “Whether it’s using AI voice generation platforms to spoof realistic-sounding voicemail messages or leveraging deep fake video technologies to create fraudulent FaceTime conversations, the emergence of AI-facilitated fraud techniques is becoming more and more noticeable.
“According to Regula, 37 per cent of organisations have already experienced a deepfake voice fraud, and 29 per cent have fallen victim to deepfake videos.
“Getting a grip on this issue won’t be easy, but there are practical steps that companies can take to ensure they’re responding to the challenge. As always, any effective prevention strategy begins with raising awareness and building education around the topic.
“This new wave of fraud can affect virtually every touch point of a business, so there’s little excuse not to ensure staff at all levels have a working understanding of it, to ultimately enhance personal safety and eliminate financial losses.”
Ransomware rises
Brent Johnson, chief information security officer at Bluefin, explains the types of attacks cybercriminals will increasingly employ: “Over the last few years, we’ve seen a significant rise in extortion-based ransomware attacks, which will continue to be a main focus for hackers for the foreseeable future.
“The best way to mitigate fallout from these types of attacks is a solid backup strategy, and to ensure data is encrypted or tokenized at rest so it is useless to hackers in the event of a breach.
“Additionally, cloud security and supply chain attacks will be a big challenge for all businesses, especially for fintechs as the trend to utilise third parties more and to secure payments in the cloud continues. Cybercriminals will increasingly carry out supply chain and cloud-based attacks, likely affecting a considerable number of companies per attack, so it’s critical that companies implement a zero-trust framework for accessing sensitive systems and data. Users must not only be authenticated properly, but their identity continually monitored and validated.
“With so many sophisticated attacks in fast-moving industries like fintech, it’s also very important for organisations to stay vigilant against more simple attacks like email phishing, which remains the preferred method for many cybercriminals and one of the top causes of breaches. Nearly three in four breaches involve the human element and employees must be well-trained to spot any signs of an email attack and need to know what next steps to take.”
Collaborations increasing complexities (and vulnerabilities)
Prakash Pattni, global MD for financial services digital transformation at tech corporation IBM, said: “Fintechs will continue to be embedded into banking ecosystems as financial institutions, banks and fintechs become more collaborative.
“This will increase complexity which, if not managed, can introduce vulnerabilities into the system. Second to this, more and more fintech firms will continue to utilise the cloud, which can introduce new cybersecurity threats, if the cloud is not configured and secured correctly. However, the strongest and best-prepared fintechs are those that can stay on top of the regulatory requirements, ensure full transparency with their banking partners and have a good understanding of how to design their cloud environment to mitigate risks.
“We expect there to be a rise in AI-powered cyberattacks, as bad actors use generative AI to create ever more sophisticated scams, for example making phishing scams harder to spot by avoiding mistakes humans can normally notice. AI and other emerging technologies will be used for both good and bad, so we are likely to see a rise in cybercrime.
“But in 2024 and beyond, fintechs will utilise security AI and automation to detect and prevent cyberattacks at much faster speeds than is possible with only human input. This will also lead to a demand for more people with AI-related skills, including those relating to cybersecurity, which are currently quite scarce, so we may see people from across various industries applying their skills to the fintech sector.”
Proactive protocols crucial
Christian Seifert, researcher-in-residence at the network of security intel in Web3 Forta Network, said: “Regrettably, even with the leaps and bounds we’ve made in cybersecurity practices, protocols remain susceptible, leading to significant financial losses in the event of successful hacks.
“What’s key here is the application of a multifaceted, comprehensive security approach, which undeniably lessens the risk factor.
“Nevertheless, a glaring void exists in the industry today when it comes to effectively tackling an ongoing attack quickly enough to stifle it or structuring the protocol in a way that minimises the damage if an attack proves successful.
“It’s crucial for protocols to be more proactive, adopting strategies centred around incident response and risk mitigation.
“Furthermore, there’s an urgent need to craft and trial approaches that will work in the wider industry setting, ideally in collaboration with monitoring and response partners.”
