Nemekhbayar Luuzan, Lead Information Security Officer at AND Global
Despite technological advancements, incidents of cyber crimes are on the rise globally, including in Singapore. Cybercriminals use sophisticated tactics to steal confidential information, resulting in billions of dollars in annual financial losses. According to the Singapore Police Force, the number of scam and cybercrime cases in Singapore rose 49.6 per cent to 50,376 in 2023 from 33,669 in 2022.
Identifying potential threats early on is an effective way to address this challenge. But how can organisations identify threats and act upon them?
In this interview, Nemekhbayar Luuzan, Lead Information Security Officer of Singapore-based AND Global, discusses how organisations can maintain privacy and data security in an era of digital innovation and AI and how to identify and protect themselves from attempted scams.
Edited excerpts:
How alarming is the rise of cybercrimes globally, such as phishing and smishing scams?
The rise of cybercrimes, particularly phishing and smishing scams, is extremely alarming. I have witnessed firsthand the increasing prevalence of these scams targeting individuals and businesses alike. Their sophisticated tactics aim to steal confidential information, resulting in billions of dollars in annual financial losses. This highlights the urgent need for robust cybersecurity measures.
With the rise of phishing and smishing scams targeting businesses and individuals, how can companies educate their clients to recognise and thwart such attempts? What role does AI play in enhancing security measures, particularly detecting and preventing fraudulent activities?
To combat these threats effectively, organisations must adopt a proactive approach. This includes robust security protocols like data encryption and multi-factor authentication. Minimising data collection, patch management, and regular system updates are also crucial. Building user awareness is essential.
Also Read: What if cybersecurity included everyone it protects?
We at AND Global utilise various channels to educate our clients on recognising and thwarting phishing and smishing attempts. We also conduct phishing simulations to test and improve client awareness.
AI technologies enhance security by enabling real-time analysis and automated responses to potential fraud. AI’s ability to adapt and learn from new fraud patterns continuously strengthens our security frameworks.
As an expert in fintech and banking, how do you foresee the future of digital innovation intersecting with the imperative of safeguarding personal and financial data?
The future of digital innovation in fintech will be a constant dance between progress and security. Here are some key trends I foresee:
Privacy-enhancing technologies (PETs): Techniques like homomorphic encryption and secure multi-party computation will enable advanced financial services without compromising data privacy. Users will retain control over their data while institutions can perform necessary analytics.
Biometric authentication: Advancements in biometrics like facial recognition and iris scans will offer stronger authentication methods, reducing reliance on passwords vulnerable to phishing. However, robust regulations will be needed to ensure user consent and prevent misuse.
Decentralised Finance (DeFi): DeFi promises a more democratised financial system, but security risks are high. Collaboration between regulators and innovators will be crucial to developing secure DeFi protocols that balance innovation with consumer protection.
How does AND Global adapt its security protocols to meet each market’s specific challenges and regulatory environments?
We operate globally, so our security protocols flex to fit each market’s unique needs.
Regulation-savvy: We map local data privacy laws (like GDPR and CCPA) and adjust protocols accordingly.
Local experts: Regional security teams and consultant partnerships keep us informed of regional threats.
Data on lockdown: Data localisation, minimisation, and privacy-enhancing technologies (like homomorphic encryption) bolster security in regions with stricter regulations.
Clear communication: Localised policies and multilingual support ensure clients understand their rights and how we protect their data.
Scalable security: Our adaptable architecture allows us to integrate additional security measures required in specific regions.
This ensures our security stays strong and compliant no matter where you are in the world.
Can you elaborate on AND Global’s approach to maintaining a balance between efficiency and security in its financial solutions, especially amid rapid technological advancements?
We understand the need for both robust security and efficient financial solutions, especially as technology advances rapidly. Here’s how we achieve this balance:
Security by design: We integrate strong security features from the very beginning of product development. This includes secure coding practices to minimise vulnerabilities, encryption of data at rest and in transit, multi-factor authentication (MFA) for user access, and automated security testing to identify and address potential issues early on.
Also Read: The perils of oversharing: How social media feeds cyberattacks
Leveraging automation for efficiency: We utilise automation tools for tasks like user onboarding and verification, transaction processing and fraud screening, security incident response, and security patch management. This streamlines processes without compromising security.
AI-powered security solutions: We implement AI-powered security solutions for real-time anomaly detection to identify suspicious activity, behavioural analytics to assess transaction risk profiles, and machine learning-based fraud detection to deter fraudulent transactions. AI helps us work smarter, not harder, in identifying and preventing threats.
Risk-based authentication: We implement risk-based authentication, where the level of authentication (e.g., single vs. multi-factor) is based on the perceived risk of the transaction. This allows for a balance between security and user experience.
Security as a shared responsibility: We foster a culture of security awareness among employees and educate clients on best practices for protecting their accounts. We encourage clients to report suspicious activity promptly.
Continuous improvement: We regularly review and update security protocols to stay ahead of evolving threats. This includes conducting security audits and penetration testing and staying up-to-date on the latest security trends and technologies.
Adapting to technological advancements: We constantly monitor emerging security threats associated with new technologies. We also stay updated on advancements in security solutions, explore their integration with existing security frameworks and invest in ongoing training for the security team to ensure they have the expertise to manage new threats and technologies.
Given the significant increase in scam and cybercrime cases, how does AND Global collaborate with law enforcement agencies and regulatory bodies to effectively combat such threats?
Reporting suspicious activity: We have robust procedures for identifying and reporting suspicious activity to relevant law enforcement agencies. This allows for swift investigation and potential apprehension of criminals.
Also Read: Digital scams are on the rise – Is Asia ready for the fight?
Information sharing: We actively participate in information-sharing initiatives with regulatory bodies and industry peers. Sharing knowledge about new scams and attack vectors helps build collective defences.
Regulatory compliance: We adhere strictly to evolving financial regulations, including anti-money laundering (AML) and Know Your Customer (KYC) guidelines. This helps deter illegal activities and fosters trust in the financial system.
—
X marks Echelon. Join us at Singapore EXPO on May 15-16 for the 10th edition of Asia’s leading tech and startup conference. Enjoy 2 days of building connections with potential investors, partners, and customers, exploring innovation, and sharing insights with 8,000+ key decision-makers of Asia’s tech ecosystem. Get your tickets here.
Want more from your Echelon experience? Be an Echelon X sponsor or exhibitor. Send enquiry here.
The post The future of fintech innovation will be a constant dance between progress and security: AND Global appeared first on e27.