Connect with us

Hi, what are you looking for?

HEADLINES

Banking industry needs to upgrade security, competencies – UCPB’s Joey Regala

As cyber threats targeting financial institutions become more sophisticated and coordinated, there is a need to beef up cyber security to fend off attacks in banks where the money is. This is according to Joey Regala, president of Information Security Officers Group (ISOG) and VP and head of IS Operations at United Coconut Planters Bank, during the ISOG Summit.

ISOG President Joey Regala (fourth from left) with other ISOG directors

As cyber threats targeting financial institutions become more sophisticated and coordinated, there is a need to beef up cyber security to fend off attacks in banks where the money is. This is according to Joey Regala, president of Information Security Officers Group (ISOG) and VP and head of IS Operations at United Coconut Planters Bank, during the ISOG Summit.

ISOG President Joey Regala (fourth from left) with other ISOG directors

ISOG President Joey Regala (fourth from left) with other ISOG directors

“Your money is what we’re trying to protect from unauthorized access, disclosure, destruction, multiplication, inspection, recording and deduction,” said Regala, who discussed the current state of the financial industry and how information security officers (ISOs) protect banks and the money in it.

Regala said they, as security officers, focus on minimizing risk by implementing and maintaining a defense mechanism across network infrastructure to secure users’ information, systems, networks as well as money.

“Currently, we’re using the defense in-depth security strategy. We defend your money through a series of different levels of defenses such as fiscal layers, network layers, application layers, and so on and so forth,” said Regala.

They use different levels of defenses so that in case one defense fails, there are others that can still secure the money in banks.

Advertisement. Scroll to continue reading.

However, since they have been using this strategy for quite sometime, Regala stressed that as information security officers, “we believe we need to upgrade our defense.”

The signature-based detection is another strategy to protect banks. Regala said this instrument is based on a certain footprint or signature of a file and in case there is no signature, it can compromise the system.

Aside from these defense strategies that secure operations of banks, Regala admits that the banking industry needs to upgrade competencies of its people in order to meet the requirements of the industry especially now that hackers are more intelligent and threats are more sophisticated.

“Admittedly, we have lack of skills but we have skilled people. We do need to upgrade our competencies,” said Regala. “People in the banking industry are competent but as the hacking or as the vulnerability increases, the competency should be parallel or we should align with the needs. That’s what we are seeking.”

Regala said they can solve this by engaging people to promote a web of trust in the finance industry; by establishing the right standard and equipping people not only with right competencies but also with tools, equipment, firewalls, and so on; and by collaborating with anti-cybercrime groups.

Advertisement. Scroll to continue reading.

With the rise in sophisticated threats, Regala disclosed that the new breed of hackers has information asset as its new denomination. These assets consist of identity data – card number, account number, ATM number, information of a person and credentials.

“They don’t steal money but they can steal something that can be used as an instrument to get the money,” said Regala. “As people update security, hackers will also upgrade their attacks. They are impatient and they are no longer hooded.”

Because of this new breed of hackers, Regala is warning people to be more vigilant, more conscious and be aware of the threat.

“You should be aware because you are the endpoint, you are the victim. You are the weakest link to our security chain and this is the new concern of information security,” said Regala. “Before, we just defend. Now, the advance way of defending your turf is going beyond. We’ll be using more sophisticated tools and process all activities through their behavior. This is now the culture of information security.”

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

HEADLINES

While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024....

HEADLINES

Kaspersky has enhanced its Kaspersky Industrial CyberSecurity (KICS), a native XDR Platform for industrial enterprises, and streamlined Managed Detection and Response (MDR) for Industrial...

HEADLINES

Smart has received reports about unscrupulous individuals pretending to be company executives or representatives of organizations asking for donations for made-up or nonexistent relief...

HEADLINES

Located in the Kaspersky office, the new facility will provide the company’s stakeholders with services ranging from an overview of Kaspersky’s practices, to a...

HEADLINES

Smart and Maya emphasize that they never send SMS with links requesting login credentials, personal information, or account verification. If you receive such a...

HEADLINES

In this new scheme, scammers call potential victims claiming that their phone number has been linked to illegal activities. The fraudsters would then extort...

Advertisement