Country’s 28 percent banks have no preparation to resist any possible cyber attack, 34 percent have partial arrangement while other 38 percent banks are well-off in facing any cyber attack, said a study report on Sunday.
The study report was presented at a seminar styled “IT Security in Banks of Bangladesh: Threats and Preparedness” at the conference room of Bangladesh Institute of Bank Management (BIBM) at Mirpur in the capital.
The study has found that incidents of ATM Card forgery takes place much more while the banks suffer a lot duty to lack of skilled IT workforces.
Abu Hena Mohd. Razee Hassan, former deputy governor of Bangladesh Bank attended the seminar as chief guest.
“In tune with the global trends, the banks of Bangladesh have been investing heavily in technology infrastructure solutions and manpower in recent years in a bid to achieve increased productivity, efficiency and profitability”, Razee Hasan said.
Referring to a research finding, he said that a lack of available software, skilled manpower and infrastructure, absence of long term vision, proper planning and initiatives; shortage of manpower, poor IT budget, weakness of business process reengineering, delay in procurement process and lack of appropriate and advanced training are the main problems in this area.
He recommended banks to allocate certain portion of annual profit for ICT budget for IT service in the banking system and to spend this budget for ICT infrastructure development and manpower training.
“IT Professionals can be recruited to fill up the gap between actual demand and existing manpower. Leadership quality and efficiency of IT project implementation team might be developed for successful design and implementation of banking automation projects’ Mr. Hassan suggested.
Former professor of economics of Dhaka University Dr. Barkat E-Khoda, Managing director of Islami Bank Bangladesh Limited Md Mahbubul Alam, country manager of Commercial Bank of Ceylon PLC, Bhormona Priyashanta Kolamuna, managing director of Modhumati Bank, Md Shafiul Azam were present in the seminar as panel discussants among others.
Speakers alleged that despite strict guidelines from Bangladesh Bank over establishment of IT Governance and IT Security for all banks in the country, still several banks are yet to comply with the directions.
They observed that the banking sector of Bangladesh has sometimes neglected cyber security because of the absence of stern and effective cyber security regulatory norms in Bangladesh, however, some basic level of guidelines and recommendations have been issued by Bangladesh Bank (BB) but they are still away from international standards.
Associate professor at BIBM, Md. Mahbubur Rahman presented the keynote paper in the seminar.
Speakers further said that ICT has become the heart of banking sector and has made banking truly global. Electronic banking is now-a-days the main technology-driven system for conducting financial transactions. The business operations in the banking and financial sector have been increasingly dependent on the computerized information systems over the years.
They alleged that cyber security has not been properly addressed by the banking sector of Bangladesh which has made the banking information and infrastructures vulnerable to sophisticated cyber-attacks.
Organized crime groups, cyber gangs, and other criminals breach systems for monetary gain i.e., to steal funds via account takeovers, ATM heists, etc.. As the cost of technology decreases, the barriers to entry for cyber-crime reduce, making it easier and cheaper for criminals of all types to find out new ways to perpetrate cyber fraud.
With the advances in IT, most banks in Bangladesh have migrated to core banking system and have moved transactions to payment cards, debit/credit and to electronic channels like ATM, Internet banking and mobile banking. Cyber-criminals with mechanisms like phishing, key-logging, spyware, malware and other internet-based frauds target specifically the bank customers.
Sophisticated malwares are targeting banking industry around the world. Malware like botnet is capable of stealing sensitive banking and financial information.
As many financial products and services directly or indirectly depend on ICT, banks have to think how to involve IT to minimize the cost and increase the efficiency, and how to provide better services to the customers ensuring reliability, safety and security. Otherwise, banks may face IT risks as well as business risks.