JAIIB PPB Paper-2 Module-C Unit 8: Operational Aspects Of Cyber Crimes/Fraud Risk Management In Cyber Tech

07/04/2023

Table of Contents

JAIIB Paper 2 (PPB) Module C Unit 8: Operational Aspects Of Cyber Crimes/Fraud Risk Management In Cyber Tech (New Syllabus)

The IIBF has recently announced updates to the JAIIB Exam 2023, including changes to the syllabus and exam format. Candidates will now be required to complete four papers, with Paper 2 (Principles & Practices of Banking) covering Unit 8: Operational Aspects Of Cyber Crimes/Fraud Risk Management In Cyber Tech. This unit is particularly crucial for candidates, as it will significantly impact their performance in the exam.

To assist candidates in understanding the topic, we will provide all the necessary details related to Unit 8: Operational Aspects Of Cyber Crimes/Fraud Risk Management In Cyber Tech of JAIIB Paper 2 (PPB) Module C: Banking Technology. We strongly recommend that candidates refer to this article and utilize our Online Mock Test Series to enhance their understanding of Foreign Currency Accounts for Residents and other related aspects.

Candidates must comprehend each unit in the syllabus, including the Marketing unit, to excel in the JAIIB Certification Examination 2023 and establish a successful career in the banking sector. This unit is of great importance in the banking industry, and candidates must prepare thoroughly.

Fraud

Fraud is defined as the intentional use of deception to acquire an unfair advantage over another individual, most typically in the form of money. Cybercrime is defined as any criminal act that involves the use of computers or networks. Fraud can be conducted against individuals as well as against corporations.
Fraud is described in a variety of ways, including scam, con, swindle, extortion, sham, double-cross, hoax, cheat, ploy, ruse, hoodwink, and confidence trick, among others. Importance of cybersecurity in banking:

Risks for Banks from Cyber Attacks

Cyber risk continues to be a top concern for banks and regulators, with the evolving focus to include both systemic and idiosyncratic risks. The focus on systemic risk is to build better industry preparedness and cyber resiliency.

The following are the risks that can arise from Cyberattacks:-

Financial loss
Critical Data loss/breach
loss of productivity due to business disruption
Cost of investigation
Compensation to customers
Reputational damage
Regulatory penalties
Costs of recovering from disruptions
Investment loss

Threat Actor

Cyber Threats

The common threats to the bank are given below

Identity Theft
Data Breach/Theft
Hacking
Malware
Viruses
Ransomware
Phishing/Vishing/smishing/Pharming
Distributed Denial-of-Service (DDoS)
Cyber Squatting/bullying/warfare

Cyber Risk Mitigation Strategies

Cybersecurity risk mitigation is the practice of implementing security policies and procedures in order to lower the total risk or impact of a cybersecurity threat.

Risk mitigation can be divided into three categories in the context of cybersecurity

Prevention
Detection and
Remedy

Essential mitigation strategies for business continuity:

Defense In Depth

Defence-in-Depth security strategy is in which a succession of security procedures and controls are carefully placed throughout a computer network in order to safeguard the network and the information contained within it.
This strategy can dramatically improve network security by protecting against a wide range of attack vectors. It prevents any single point of failure and significantly increases the time and complexity required to compromise a network successfully.

Handling Cyber Risk by Banks

Banks have developed individual security operations centres (SOCs). These centres house an information security team that is responsible for continuously monitoring and assessing an organization’s security posture.
The purpose of the SOC team is to detect, analyse, and respond to cybersecurity issues using a combination of technology solutions and a robust set of policies and procedures.
Advanced forensic analysis, cryptanalysis, and malware reverse engineering are some of the additional capabilities that some SOCs can offer in order to evaluate occurrences.

Common Measures Adopted by Banks Against Cyber Threats

Banks have established Security Operation Centres (SOC) to monitor threats and protect the systems.

Some of the commonly deployed tools/measures are:

SIEM (Security Information and Event Management)
Vulnerability Assessment/Management
NBAD (Network behaviour anomaly detection)
Anti-APT (Anti Advanced persistent Threat)
Anti-DDoS (Anti Distributed Denial of Service)
Anti-Phishing, Malware Monitoring
PIM (Privileged Identity Management)
FIM (File Integrity Management)
WAF (Web Application Filtering)
Cyber Insurance
Involvement of Top Management
Staff/customer awareness of cyber security
Vulnerability/Penetration Testing
Adopting Best Practices and Frameworks

Security Operations Centre (SOC)

The Chief Information Security Officer heads the operations of the SOC. The purpose of the SOC team is to detect, analyse, and respond to cybersecurity issues using a combination of technical solutions and a solid set of processes.
Security operations centres monitor and analyse network, server, endpoint, database, application, website, and other system activities for anomalies that could indicate a security event or breach.
The SOC guarantees that possible security issues are recognised, assessed, defended, investigated, and reported accurately.

Cyber SOC or Cyber Security Operation Centre

Banks need to Set up and Operationalize (C-SOC) as per the RBI guidelines.

The systems that need to be put in place as a part of the Cyber SOC requires the following aspects to be addressed.

Top Management/Board Briefing on Threat Intelligence
Dashboards and oversight.
Policy, measurement and enforcement
Informing stakeholders, stakeholder participation.
Methods to identify the root cause of attacks,
Incident investigation, forensics and deep packet analysis need to be in place
Dynamic Behaviour Analysis
Analytics with good dashboard
Counter Response

Security Information and Event Management (SIEM)

SIEM is a platform for detecting, analysing, and responding to security threats of the next generation. Applications and network hardware security alarms may be analysed in real-time using SIEM software.
SIEM software can have many features and benefits, including: Consolidation of multiple data points, Custom dashboards and alert workflow management, Integration with other products.

VAPT (Vulnerability Assessment and Penetration Testing)

VAPT aims at Identifying vulnerabilities in the network, server, and system infrastructure.
Vulnerability assessment focuses on internal organisational security, whereas penetration testing focuses on the external real-world threat.
Banks conduct periodical VAPT exercises through approved third-party vendors, and the observations are classified into High, Medium and Low risks. It is mandatory to mitigate these vulnerabilities and report to the top management.

NBAD

Network behaviour anomaly detection (NBAD) provides one approach to network security threat detection. It is a complementary technology to systems that detect security threats based on packet signatures.

NBAD technology/techniques are applied in a number of network and security monitoring domains including: