Answering the question
Posted: Mon Feb 10, 2025 9:57 am
Practice of information security provision in the Russian financial sector
Discussion of the most typical problems of the financial industry - this was the direction of the round table "Information security in the financial sector: current issues and new challenges", which was held as part of the conference "Security in the financial sector: trends, cases, tools", its moderator Lev Matveyev (SearchInform).
What the rating of threats to banks from the information security perspective looks like today, Andrey Kiselev (NRK-R.O.S.T.) immediately mentioned the notorious human factor: technical means of protection can be expanded and fine-tuned, but people inevitably either make mistakes or even side with the dark forces in matters of information security. He named vulnerabilities in software and incorrect configurations of IT and information security equipment as the next most important (which, by the way, are also most often associated with the human factor).
Andrey Kiselev was supported by Sergey Matveyev (InfoTeKS InternetTrust), who agreed that threats from the human factor prevail over all other information security problems, and not only in the financial sector.
Vyacheslav Kasimov (Moscow Credit Bank) reminded that albania whatsapp data can steal money both from banks and from their clients. Social engineering remains a sore subject for clients. Banks themselves suffer from hacker attacks, which are shifting towards web applications and attacks through third parties (the so-called supply chains). In his opinion, banks should try to protect themselves as much as possible from internal criminals even when hiring employees.
Agreeing with his colleagues regarding the impact of the human factor on information security, Oleg Volkov (Zenit Bank) recalled the need for correct restrictions on employee access to the bank's resources, as well as regular measures to improve the information security literacy of personnel and inform them about the consequences of violating information security rules.
Discussion of the most typical problems of the financial industry - this was the direction of the round table "Information security in the financial sector: current issues and new challenges", which was held as part of the conference "Security in the financial sector: trends, cases, tools", its moderator Lev Matveyev (SearchInform).
What the rating of threats to banks from the information security perspective looks like today, Andrey Kiselev (NRK-R.O.S.T.) immediately mentioned the notorious human factor: technical means of protection can be expanded and fine-tuned, but people inevitably either make mistakes or even side with the dark forces in matters of information security. He named vulnerabilities in software and incorrect configurations of IT and information security equipment as the next most important (which, by the way, are also most often associated with the human factor).
Andrey Kiselev was supported by Sergey Matveyev (InfoTeKS InternetTrust), who agreed that threats from the human factor prevail over all other information security problems, and not only in the financial sector.
Vyacheslav Kasimov (Moscow Credit Bank) reminded that albania whatsapp data can steal money both from banks and from their clients. Social engineering remains a sore subject for clients. Banks themselves suffer from hacker attacks, which are shifting towards web applications and attacks through third parties (the so-called supply chains). In his opinion, banks should try to protect themselves as much as possible from internal criminals even when hiring employees.
Agreeing with his colleagues regarding the impact of the human factor on information security, Oleg Volkov (Zenit Bank) recalled the need for correct restrictions on employee access to the bank's resources, as well as regular measures to improve the information security literacy of personnel and inform them about the consequences of violating information security rules.