While the world grapples with the impact of the Coronavirus pandemic, managing risk has taken on new meaning in the past few months, as has staying safe. Recently we sat down with Absa group chief security officer Sandro Bucchianeri to  discuss cybersecurity, pandemic, and dealing with unforeseen threats.

As the past eight weeks have demonstrated, the pandemic and cybersecurity have something in common, with both generating a fluid and rapidly changing environment, rife with uncertainty.

Bucchianeri began by explaining that, over the past two and a half years, the bank had been busy preparing itself for today’s landscape. More specifically, he elaborated, Absa has established a security division, called the Converged Security Office. As the name suggests, this consists of three components – physical security, which, he noted, many forget is part and parcel of security; cybersecurity and thirdly a resilience division. The latter, he explained, was established to “ensure the bank can function in the event of a crisis.”

Sign of the times

It is planning that in the last few weeks appears to have paid off, with concerns around business continuity and resilience in the face of an unforeseen crisis becoming all too tragically relevant in this first half of 2020.  

“We believe that the marriage of those three areas specifically puts the bank in a significantly better position than we would be if it was now just focusing on cyber or just focusing on physical security, for example. That is how we defend the bank against the multitude of threats that we face on a daily basis,” he explained.

The threat landscape today

The constant question in cybersecurity is also a familiar one: what are the threats that public, businesses, and countries are facing today?

“We are still seeing the typical threats, like ransomware and phishing, that have present for quite some time and still persist. But, as computing power has become cheaper over the years, there have gotten more advanced,” he noted.

Bucchianeri added that what is changing on that front is that the rates of attacks, whether they be denial of service or phishing variants, have increased significantly.

“That is why a large part of our defense strategy focuses on fostering greater awareness, amongst our customer base and the general population. That makes the attackers’ job considerably more difficult,” he noted. Nonetheless, the modus operandi of attackers is somewhat predictable – lots of DDoS attacks at certain times of the month to try disrupt the bank’s services, accompanied by phishing expeditions to lure customers into giving out their details to the wrong crowd.  

Bearing that in mind, what should people watch out for? Time/event related scams, in a word. Just one example of this could be phishing scams related to SARS around tax season. As well, expect to see attackers prey on people’s fears around the Coronavirus pandemic and try use it to their advantage.

Resolve and resilience

One concept that has become increasingly mentioned as regards business and security is resilience. Indeed, if you can’t dodge hardship, then the next best thing is to mitigate and outlast it.

Bucchianeri drew a fascinating parallel between business resilience and big data, explaining that in its efforts to handle uncertainty, the bank correlates data from different parts of the business. In the case of Coronavirus, that has included travel, news, outbreak information and infection rates.

“We do rely heavily on big data and analytics and intelligence, and while it may be looking for a needle in a haystack, so to speak, we have a rather powerful electromagnet, which enables up to draw to us the right information we need,” he continued.

He stressed though that the bank doesn’t just leverage data and analytics from a cybersecurity perspective. Rather, its strategy is to bring together the intelligence it gleans from the physical security and resiliency arenas together and then consider how the communities it operates are being impacted. Only then does the bank hone it down to what this confluence of data means to their operations.

The closing takeaway for part one of our interview with Bucchianeri is that cybersecurity should not be viewed in isolation, and that risks, whether from predictable cybercriminals or wholly unpredictable viruses, have a broad spectrum of impacts.