Data as a strategic asset
Are you aware that your organisation lost 15% to 25% of its operation budget due to poor data quality?
Do you know a billion dollars can be stolen by a single cyberattack?
Let’s review the case of the Bangladesh bank cyber heist, where almost US$ one billion was illegally transferred from the Federal Reserve Bank of New York to a bank account in the Philippines.
This was a very organised cybercrime. This criminal organisation knows that hacking the Federal Reserve is almost impossible. It is one of the most secure places, with huge investments in security and a dedicated cybersecurity team. However, if they cannot hack the Federal Reserve, they may hack financial institutions or central banks from other countries that work with the FED.
These hackers conducted research to determine which banks have the largest deposits in the FED and more vulnerabilities. Bangladesh Bank has a huge amount of US currency in FED and several vulnerabilities. As a result, the Central Bank of Bangladesh has become the target.
How do they enter the banking system?
As with most security breaches in any sector, there are two main causes of failure: human error and technical error.
Human error is hard to avoid; we are human beings, and we make mistakes even unconsciously.
Technical error, we get the funding, hire the right team, and over time, the issue is fixed, but the human error remains.
Hackers monitor bank employees on the internet. They did email phishing that appeared to be a real email from a person who was looking for a job at the bank and attached his resume. The email was sent to several employees, but only three of them clicked on the resume. The document looks real. However, clicking that CV runs a virus in the background.
Once hackers are in the banking network, they keep searching until they find the SWIFT terminal to perform financial transactions. They waited after the employee logged off his terminal, then hackers impersonated him and made several transactions.
Almost one billion dollars were removed instantly!
That’s led us to some questions:
How do you protect data against data leaks and during the migration of applications to the cloud?
How do you discover the necessary data to make better decisions?
The answer is data governance.
Data governance ensures that data is managed properly in the organisation.
Going back to our case, data governance includes data security, which defines security policies, authentication, authorization, and audit to protect the data.
Bangladesh Bank employees were in panic and did not know what to do when they discovered the fraud wires. There was no procedure in place.
Data is becoming extremely valuable to organizations. The best way to get the value of an organisation’s data assets is through data governance implementation.
