The Central Bank’s requirements for information security, which have dramatically increased over the past year, led to the departure of specialists in this field from banks to other industries. This situation has risks for banks and their customers. Experts noted that hackers who in 2019 refocused the attack from banks to government offices and industrial companies, can come back.
The banking market is in a dangerous situation, because the leading information security experts leave banks, finding application in other industries.
According to Alexander Vinogradov, the former head of the information security service at Zlatkombank, only among his acquaintances, 11 important Bank security officers who held senior positions resigned from credit institutions and found work in other areas — Telecom, retail, etc.
“The guys are just tired: the load on information security specialists has increased many times over the past year, the requirements have increased many times, many do not stand the load,” he said.
“The maximum responsibility and requirements with a very dubious return,” — said Denis Malygia, the former head of the service of the Bank “Garant-invest”, commenting on his decision to leave the post.
According to the information security experts, there is another problem, it is the unwillingness of banks to allocate budgets, which is why the risks of successful hacker attacks increase. Specialists of Group-IB said that 74% of the banks are not ready for hacker attacks.
Experts believe that the departure of information security specialists from banks is a dangerous trend. Maria Voronova, the Director of Consulting at InfoWatch Group of Companies, said that personnel risks, in particular, shortage of personnel, are one of the main operational risks in the field of information security.
According to experts, it is rather difficult to find a replacement for those who quit the bank. It may take about six months to find a new head of information security service.
It is interesting to note that in the first quarter of 2019, cyber attacks on the financial sector amounted to 6% of the total number of attacks on legal entities. State institutions (16%), medical (10%) and industrial companies (10%) became the most popular among hackers. If the bank security system will be more vulnerable, hackers can switch to this area.