Accessibility Links

Sky High Demand for Cyber Security Skills in Banking

Date: 28 January 2016

Cyber security is a growing area of concern for a number of industries, but for the Asian banking sector it is set to be a high priority in the years to come. Companies and regulators across the region are being urged to invest in cyber security staff and systems in order to keep up with what is a rapidly evolving environment.

The Wider Industry

Singapore has invested over $91 million in a National Cyber Security Masterplan to improve government and military departments’ defence against potential attacks, and Indonesia has established a centralised cyber security commission to begin operations in 2016. Malaysia suffered nearly 12,000 cyber-attacks in 2014 and is seeking to create a more structured legislative framework to improve its online defences in the years to come.

Turning attention to Hong Kong, the city state reported an average of 1,245 security-related incidents this year, representing a 417% increase compared to the previous 12 months.

"Hong Kong has seen a 517% increase in cyber security incidents between 2014 and 2015" – PwC

Bankers and those involved in financial services in the region are concerned about the effects of a cyber-attack and the lack of suitable online defences. Nearly two-thirds (64%) of respondents to a FICO survey stated they felt unprepared for a cyber-attack, as only 41% of banks in the APAC region were found to have a cyber-attack response system in place. The survey questioned 34 senior risk officers and banking executives from 23 financial institutions across the region.

"64% of bankers feel unprepared for a cyber-attack" – FICO

A further study from EY found similar results, with 56% of Singaporean respondents believing their IT security budgets require an increase of 50% in order to align their organisation’s need for protection with its management’s tolerance for risk. This survey questioned 1,750 organisations from all major industries from 67 countries; 35 of these organisations are based in Singapore.

In Hong Kong businesses are already taking action against cyber-crime by investing more in security measures. Some companies have increased their budgets by 16%, with cyber security spendreaching an average of $7.9 million in mainland China and Hong Kong; this is a significant increase from the global average of $5.1 million.

"44% of Singapore organisations have no dedicated security operations centre" – EY 

Paul O’Rourke, the cyber security leader of APAC for EY, said: “Businesses should not overlook or underestimate the potential risks of cyber breaches. Instead they should develop a laser-like focus on cyber security and make the required investments.”

However, less than half (44%) of the Singapore organisations questioned did not have a dedicated security operations centre. This placed Singapore as the fifth most-anxious nation in regards to cyber security, with Hong Kong placed first, closely followed by Malaysia.

Emerging trends in banking

A recent PwC Global State of Information Security Survey 2016 has highlighted the need for digital innovation and online security in the banking sector, specifically in Asia, due to emerging concerns. The security standards of third-party vendors, rapidly evolving technology and cross-border data exchanges were listed as the most significant cyber security challenges facing the financial sectors in the years to come.

The use of mobile technology by customers was also listed, with a study from Bain & Company finding mobile to be the most-used banking channel in 13 of 22 countries. Mobile consumer banking also accounts for 30% of all interactions worldwide.

"Mobile consumer banking accounts for 30% of all global interactions" – Bain & Company 

New opportunities

These emerging trends are leading to more jobs in the sector and hiring managers are seeking individuals with the relevant skillsets. Candidates able to demonstrate experience of cyber security will find more opportunities open to them as they are capable of bringing new skillsets into the financial workplace and can help institutions face the challenges of the future.

Some of these skills and specialisms include:

- Knowledge of information security and technology risk

- Data science and data analytic experience

- Understanding of cyber security strategies

- Cyber security specialists and managers

Why these skills are required

Singapore and the APAC region are following in the footsteps of the US and China; countries that have been discussing cyber security for a number of years and are ahead of the curve now that cyber security has become a global threat.

Online security used to fall under the remit of IT infrastructure department within financial institutions. However with increased regulatory and compliance pressures being implemented since the credit crisis, companies are having to increase their focus on risk and security. Until recently this area did not specialise e in this space, therefore candidates with a thorough understanding of cyber security issues are in short supply.

Banks including J.P. Morgan, Deutsche Bank and Citi are expanding their data analytics teams in Singapore and Hong Kong, and private banks are recruiting data scientists so that they can leverage the data from their clients and social media platforms to make informed predictions about shifts in the market.

Candidates with experience acting as a cyber security strategist will benefit from banks in the region looking to prioritise cyber security spending in order to protect themselves from internal and external cyber threat.

The roles emerging

Specific roles appearing in the APAC region are those of:

- Chief Information Security Officer (CISO)

- Head of IT Security

- Head of Technology Risk

- Senior Manager – Information Risk

- VP Information Security

- IT Security Associate

Roles range from senior positions right down to those at junior level, highlighting the need for professionals at all level with cyber security experience to help financial institutions best position themselves to manage such risk.

For further information on the roles available in the Asia-Pacific region or if you are recruiting for your Cyber Security team, contact Selby Jennings.