There is an acute shortage of IT Security specialists that can be engaged to fend of cyber threats. Increasing digitization and the proliferation of interconnected devices have resulted in greater avenues for cyber-criminals, but until recently, educational& training institutions have not expanded capacity quickly enough to keep pace with demand in the sector. What is critical is building an awareness programme, which then be extend and applied to every organization regardless of whether it is in financial or non-financial sector, behavioral economics or digital manufacturing.
Cyber-attacks against banks and insurance companies are on the increase. They are becoming more sophisticated, destructive and costly. Cyber security is no longer an IT problem, it is a major boardroom concern. The risks posed by cyber criminals are enormous. Theft of money and data from corporate and customer accounts, disrupted services, sabotaged IT systems and damaged reputations are of much concern of the professionals, this is because, the most serious attacks can hit revenues and profits so hard that a company’s very existence is threatened.
The national cyber security strategy of Bangladesh outlines a framework for organizing and prioritizing efforts to manage risks to our cyberspace or critical information. Cyber security is a challenge that demands truly international solutions. Therefore, we need to commit ourselves to joining regional and international partnerships creating solutions for addressing the cyber security challenges regardless of threat.
The Cyber Security Strategy of Bangladesh identifies the following major activities:
- Promotion of a national awareness programme.
- Implementation of a cyber-security awareness programme.
- Encouraging cybersecurity culture development in business enterprise.
- Adding cybersecurity awareness to the national education curriculum as a way of spreading knowledge to pupils and their relatives.
- Engaging civil society in outreach to children and individual users.
- Promotion of private sector support for professional cybersecurity certifications.
The National Cybersecurity Strategy identifies the following major actions and initiatives to reduce threats and related vulnerabilities in Bangladesh:
- Create a process for national vulnerability assessments to help understand the potential consequences of threats and vulnerabilities.
- Designate important systems as critical information infrastructure and enforce an accreditation regime around them.
- Enhance law enforcement capabilities in the investigation, prevention and prosecution of cybercrime.
- Require the use of evaluated software products.
- Prioritize national cybersecurity research and development activities.
- Asses and secure emerging systems.
- Participate in international efforts to improve the security of internet protocols and routing technologies.
Considering the need for creating awareness among professionals of financial sector,Bangladesh Institute for Professional Development (BIPD)had designed and organized a learning programme on “Cyber Security” back in 2016. Outlines of the learning programme are as follows:
- Basic ideas on cyberspace, cyber security issues, cybercrime, cyber-terrorism & cyber warfare.
- Why we need to know about & put more stress on the cyber issues.
- A brief history of the biggest cyber incidents.
- Current trends in cybersecurity and cybercrime.
- A projection into the Future.
- Understanding the threats in cyberspace.
- Types of threats
- Origins of threats.
- Detailed discussion on threats.
- What other threats lurk in future.
- How & why we are vulnerable.
- What is at stake?
- Quantifying the loss caused by cybercrime.
- Specialized virus, worms, Trojans and malwares targeting financial institutions: How these canevolve, affect and cripple a company.
- The Approach: International-National-Organization-Individual.
- An overview of the international best practices.
- Our national policies, legislations and initiatives regarding cybersecurity and cybercrime.
- Organizational Policy imperatives.
BIPD has also arranged a workshop on “Cyber Risk in Financial Sector: Measurement & Management” to be held on July 29, 2019 at Dhaka. The workshop will be conducted by Dr. Madhusudan Acharyaa. Dr Madhu Acharyya is a senior lecturer in Risk and Finance at Glasgow Caledonian University and programme director for MSc Risk Management and MSc International Banking, Finance & Risk Management at the London campus of his affiliated institution. He completed PhD in Enterprise Risk Management (ERM) from the University of Southampton, UK. He is the recipient of 2006 SHIN Research Excellence Aware for Insurance Scholarship awarded jointly by the Geneva Association (Switzerland) and the International Insurance Society (USA). He is also a fellow of the Institute of Risk Management (IRM), London and associate of the Chartered Insurance Institute (CII), London.
He will discus at length the following topics:
- Lessons Learnt from Recent Cyber Scandals- Case Studies (Implications in Bangladesh)
- Protecting Customers’ Data through Cyber Regulations- Insights from US NIST.
- Cyber Loss data Capturing & Reporting (analysis of relevant scenarios in Bangladesh)
- Cybersecurity Framework & European GDPR. (Analysis of relevant scenarios in Bangladesh).
- Policy Wordings of Cyber Insurance; Claims trend; Brokers Perspective.
- Measuring & Modelling Cyber Risks for Banks & Insurance (analysis of Data and computation of Excel & risk software)
- Pricing of Cyber Insurance (analysis of Data and computation of Excel & risk software).
- Aggregation and Accumulation of Cyber Scenarios.
- Filling out the online questionnaire on the knowledge of cyber risk in banking & business.
The course has been designed to suite the senior and mid management of relevant departments, specially Information Technology; Accounts, Audit and Administration of banks and all other financial institutions including insurance, merchant/investment banks, asset management, broker house/ securities companies and so on. This workshop will help the participants to understand what makes a business resilient by effective management of risks in order to build resilience and thus ensuring continuity through nimble and effective cyber security strategy.
This workshop will help us to dig out what we need to know more about and put more stress on the cyber issues.