Instead of juggling timely threat detection with optimizing customer experience, they can leverage two data management paradigms to enhance cyber resilience.

Over the past years of the pandemic, the growth and uptake of digitalized services has made many organizations — especially financial institutes — more vulnerable to cyberattacks and data breaches.

With countless transactions taking place online every second, many firms are struggling to detect fraudulent and malicious activities.

As fraud and cybersecurity threats continue to evolve and innovate, organizations need to adapt with flexibility and agility, or risk having their systems compromised. According to Suvig Sharma, Area Vice President (ASEAN), Confluent, in a worst-case scenario, organizations face heavy revenue losses from reimbursement costs or ransomware. The solution? Leveraging the quality data already present within the organization.

Suvig tells more in the following Q&A:

CybersecAsia: What must financial organizations do to modernize and bolster data governance and security?

Suvig Sharma (SS): Financial organizations can process large volumes of data across multiple sources almost instantaneously — by using event-driven data infrastructure. This means being able to conduct end-to-end threat analytics that spans a broad timeframe for any minute anomalies, as well as across several threat vectors to gather ample contextual intelligence.

For example, Australia’s newest bank, Alex Bank, leverages such an event-driven data infrastructure to capture both transactional data and telemetry data to identify fraud attempts like account takeovers when an IP address changes unexpectedly.

With a new level of data-driven insights in hand, financial institutes can undertake agile and preemptive responses to cybersecurity incidents, instead of struggling to contain damages in retrospect.

Cloud-native data streaming infrastructure further enables firms to enhance real-time interoperability across all their systems, applications, and data stores. This is a marked advantage for financial firms, which typically possess an ecosystem of offerings such as e-wallets, ATMs, virtual debit cards, and digital banking, along with partnerships with payment gateways and retailers.

With the power of data-driven decisions, companies can effectively mitigate potential damage and revenue loss, safeguard consumer data and uphold brand reputation.

CybersecAsia: When it comes to cloud security, what are the biggest security threats that financial organizations face?

SS: Financial institutions realize that there are hundreds, if not thousands, of different forms of suspicious activity online, and across multiple touchpoints that they have to deal with on a daily basis. It would be near impossible and a waste of resources to map out every potential cybersecurity threat, especially as they become more sophisticated with the use of emerging technologies like generative AI. 

To effectively adapt to the evolving cyber threat landscape, organizations should focus on achieving full visibility of their data by eliminating data silos. This can be done by forming a fully integrated, real-time central nervous system of data, which will provide financial institutions easy access to and an overview of all transactional information as they happen. This complete overview provides internal teams with real-time context to intelligently identify anomalies and trigger early warnings, mitigating potential damage and liabilities.

Data governance is also indispensable for organizations to ensure a balance between liberating data across an organization and protecting data from unintended use. This is particularly important when handling Personally Identifiable Information (PII), which can be further safeguarded by encryption.

Organizations can use fully-managed governance for data streaming to expand the benefits of data in motion throughout their internal teams while ensuring data integrity for their customers. 

CybersecAsia: How can financial institutes eliminate the downtime of traditional batch processing and bolster real-time fraud detection? 

SS: Today, data is generated by an infinite number of sources. Financial firms now operate across multiple offline and online channels, and face increasing demand to deliver enhanced customer experiences while ensuring high levels of security. To stay competitive, they need to set their data in motion. This helps eliminate the downtime that is characteristic of traditional batch processing, where data needs to be collected and downloaded as a data set before analysis and aggregation can take place.

With this decoupled data capture, financial organizations can connect their data across all sources, and instantaneously process, store, and analyze all data in a continuous flow. This empowers the firms to improve collaboration and productivity as teams can directly access information in real-time that is specific to their needs. 

When needed, the use of decoupled architecture further provides a single, integrated platform that manages communication between various components, exponentially expanding the data pool on hand to harness real-time insights and drive informed decision-making across the organization. 

Also, decoupled architecture provides an added layer of security, allowing for different levels of access and encryption to be set for different users. The combination of data analytics and predictive modeling ultimately helps organizations intelligently prevent and preempt financial crime, without having to establish multiple customer authentication gateways often required for digital financial services — creating a secure yet frictionless user experience.

CybersecAsia: What are the data management trends and best practices for enhancing real-time threat detection? 

SS: Organizations should shift from working with static structured data sources to an approach that prioritizes data connectivity. Instead of processing data in isolation, it is better to aggregate all information from distributed environments at scale. This includes unstructured and structured data, event streaming, and real-time and historical data that provide insights into understanding and identifying risk indicators. 

While organizations regularly work with specialist SaaS providers to assess transactions for fraud, the latency involved can add friction to customer experience, and in some cases inadvertently allow fraud to take place. To work around this, financial organizations could look to stream processing and bring some of the evaluative and detection procedures in-house.

The use of real-time data streaming here can enable firms to achieve faster determination of suspicious transactions without relying on external partners and provide closure to areas where the transaction is conducted.

Alternatively, organizations can also architect data streaming for proximity, where they can stream events to their SaaS provider directly for faster integration, ultimately speeding up the data analytics and threat determination process.

CybersecAsia thanks Suvig for his insights on the data challenges faced by financial institutions.