Qatar’s banking industry has attached great importance to cyber security with QNB suggesting a comprehensive programme, while Doha Bank views cyber security governance as not only an important area to be focused on and but also vital for the country’s sustainable growth. These views were articulated yesterday on the opening day of Fifth Information Security Conference, which is being organised by the Qatar Central Bank. Delivering a keynote address, Ali Rashid al-Mohannadi, executive general manager and chief operating officer at QNB Group, said in early 2018, the World Economic Forum announced that worldwide losses from cyber-attacks approached $1tn with the financial services industry and banks being consistent targets.
Highlighting that an analysis of 419 companies in 13 countries revealed that average cost of a data breach is $3.62mn, he said Saks Fifth Avenue, Best Buy, Sears, Kmart, Delta, British Airways are some of the high profile names that were all victims of cyber-related data breaches in 2018. The pace with which cybercriminals develop new ways of compromising systems and gaining access to valuable bank and customer data is accelerating rapidly.The banking industry is constantly on the back foot, racing to mitigate risks against an endless influx of new online security concerns, according to him. “The need to develop comprehensive cyber security programmes is therefore becoming, internationally and in the region a top priority for banks and vital to long-term business success. Great progress has been made by regulators, authorities and participants of the financial services and banking sector jointly co-operating on this. However, there is still much room for improvement and work ahead,” al-Mohannadi said.
Cyber security matters are taken extremely seriously in QNB and “we constantly review our controls and enhance our investment in tools and processes”, he said, highlighting that while cyber security used to be an IT topic, it has now become a permanent C-suite agenda item. Dr R Seetharaman, Doha Bank group chief executive gave insight on the General Data Protection Regulation (GDPR) and the Qatar Data Privacy Law. “The GDPR becomes important in the light of all major Banks and FIs in Qatar having their branches/offices where they are collecting personal information of EU (European Union) resident customers and processing/storing such information in Qatar and EU,” he said. He said various other countries are also coming up with similar laws hence, considering the global operations of Qatar companies, it is better to implement optimum controls to protect personal information of customers and employees thereby trying to meet the requirements of local and international privacy laws.
“Cyber security governance is an important area to be focused and pragmatic cyber security governance is key to Qatar’s sustainable growth,” Seetharaman said. He gave insight on some case studies on cyber-attacks and social engineering attacks. Some of the recent cyber-attacks include hackers implementing credit card skimming malware on Rail Europe website between November 2017 and February 2018. About 23,000 accounts are compromised by a data breach at Health equity in April 2018 when employee fell for a phishing scam. Hackers also gained access to Amazon DNS servers of Myetherwallet.com. “More and more disruptive advanced technologies are changing the paradigm of banking. At the same time, cyber threats are increasing rapidly. Increased web-based banking channels and interfaces to provide convenient services to customers, the more cyber threats and challenges,” Seetharaman said.
Sources and photo-credits: Gulf Times