KUALA LUMPUR: Malaysia needs to take precautions in cyberspace to protect the digital banking security of Malaysians against malware and ransomware attacks, said MetricStream.
MetricStream senior vice president and managing director of Asia Pacific Aravind Varadharajan said digital banking would be a mainstay here as Bank Negara Malaysia was expected to issue five digital banking licenses in the first quarter of this year.
However, Varadharajan said the rise of digital banking highlighted new security concerns and entailed specific measures at the enterprise level.
"Even when companies do appreciate the importance of managing risk correctly, McKinsey recently reported that their efforts were often on the surface level only. It is crucial for organisations to consider in-depth risk management strategies to overcome challenges to their security, privacy, and safety," he told the New Straits Times in an interview.
Varadharajan said instead of being risk averse, the positive approach of thriving on risk would deliver more value to organisations.
Moreover, he said by deploying the right digital tools, organisations can quantify and highlight potential threats faced, while simultaneously managing governance and compliance functions, making enterprises secure and more agile.
"New entrants to the digital banking space must adopt an integrated risk management (IRM) strategy to prevent, detect and respond to rapidly evolving risks," he added.
The days of traditional risk quantification are fading as there is an urgent need to readdress cyber security concerns as businesses stand to lose millions.
Experts are predicting the cost of global cybercrime to grow by 15 per cent per year over the next five years, reaching US$10.5 trillion annually by 2025.
Varadharajan said players in the digital banking space would have to develop a more thorough assessment of their risk landscape to be in a better position to capture and assess emerging and evolving risks.
Cyber risk quantification simplified the process by quantifying risks in monetary terms, he added.
"Assigning a dollar value to cyber risks better equips executive management to prioritise risks while driving stronger alignment between business priorities and cyber investments, ultimately enabling leaders to make sound risk-aware decisions.
"Apart from delivering better financial outcomes, cyber risk quantification helps organisations achieve cyber maturity and resilience, resulting in deeper client trust and improved credibility," he said.
Meanwhile, Varadharajan with the acceleration of digital transformation, combined with rising cybercrime, and a growing emphasis on environmental, social, and governance, there was a greater need for organisations to exercise transparency and adopt innovative technology to remain resilient.
He said digital banks would need to embrace a holistic approach to risk and compliance to strengthen decision-making, while also accelerating risk response, reporting and mitigation.
"While considering the best way to solve challenges specific to the banking and financial services industry, digital banks must also address a wide range of governance, risk, and compliance requirements including operational risk management, compliance, auditing, cybersecurity, vendor risk management, and business continuity planning.
"These days, navigating both current and emerging risks across geopolitical, digital, strategic, third-party, cybersecurity, and compliance, is only achievable with IRM.
"As they build trust with regulators, investors, and customers, the banking and financial services industry should move from a risk-averse approach to one where they can confidently manage and thrive on risk," he added.