BS BFSI Summit: 'Cybersecurity took a back seat in post-Covid Cloud rush'

Most banks and other financial services organisations are still grappling with cybersecurity challenges stemming from the rapid migration to Cloud environments in the post-pandemic years, increasingly stringent regulations, and emerging technologies, according to experts.

A panel discussion on the topic of ‘Using Cloud & Data Centres to Mitigate Disruption and Address Security Challenges’ at the Business Standard BFSI Insight Summit in Mumbai on Monday highlighted obstacles such as skill shortages, disorganised Cloud adoption, and compliance burdens as significant issues for the sector.

Ranjeet Bellary, partner at EY, remarked, “During the post-pandemic era, digital transformation accelerated at unprecedented levels. Many clients swiftly transitioned to platforms like the Cloud to enable remote work and ensure accessibility for their customers. Naturally, cybersecurity took a back seat as business priorities took precedence.”

Bellary pointed out that while the Cloud offered flexibility and agility to accelerate transformation significantly, cybersecurity is still trying to catch up. He emphasised the need for shared responsibility during the transition to on-Cloud storage.

Rajesh Mirjankar, managing director and chief executive officer at Kiya.ai, noted that Indian banks were well-equipped for robust digital transformation, thanks to the foundations laid by digital public goods such as Aadhaar and the Unified Payments Interface, which gradually introduced regulations for the sector.

“When we consider Web 3 environments or artificial intelligence (AI)-driven decision-making, the Cloud is the preferred approach due to the scale of data and decision-making. Banks should ensure their systems offer data encryption at rest and during transit to the Cloud. They can also explore data segmentation and adopt a hybrid model,” Mirjankar said.

He added that while banks have stood the test of time on digitisation, they continue to rely on decades-old data storage designs.

“When customers move to the Cloud in a hurry, the consolidation of technology is crucial to optimise technical debt. Moreover, data migration to the Cloud should not treat security as an afterthought. Many organisations tend to bolt in security instead of building in security, and we should avoid that,” said Raghavendra Singh, global head, Cloud security Center of Excellence at the cybersecurity practice of Tata Consultancy Services.

Sujeeth Williams, director of sales at NTT Global Data Centers, shared: “While there is significant demand for data centre services, it’s essential that individuals conduct research before entering this sector.”

NTT manages 16 live data centres across the country with 204 megawatt (Mw) of information technology (IT) loads, and plans to add another 80 Mw of IT loads to its data centre capacity by March 2024.

The panellists believe that generative AI (GenAI), the latest buzzword in the technology landscape, can be a huge asset in cybersecurity by driving efficiency.

Prakash Bharath, director, India and South Asian Association for Regional Cooperation business, Freshworks, emphasised the benefits of adopting GenAI in their solutions and tools, citing cost savings for clients and increased efficiency for employees.

“We began investing in AI in 2018, with a focus on customer and employee experience. GenAI plays a crucial role in achieving this. A recent Forrester report stated that customers can save $2.1 million annually by using GenAI tools — a direct cost reduction,” he explained.

Bharath shared instances where Freshworks has seen the impact of GenAI, such as automating incident summaries in customer support, significantly reducing time spent.

“Previously, it took five minutes; now it’s automatic. One common question is how long it takes to deploy GenAI tools, and we can do it in just 10 minutes,” he added.

In the case of data centres, Williams stated that NTT, which invests $3.5 billion in global research and development, allocates a significant portion to AI. They use AI for predictive monitoring, downtime reduction, power efficiency, and optimising cooling systems.

Bellary stressed that the use of GenAI in cybersecurity is helping address the industry’s skills gap. In 2023, nearly 80 per cent of breaches are expected to involve some form of Cloud data. Therefore, in the security realm, challenges abound. Using technology to predict malicious patterns and identify threat actors can quickly detect incidents with GenAI, proving highly beneficial.

“It’s only going to enhance the role of an SOC (security operations centre) expert,” he said.