Lawrence Agcaoili (The Philippine Star) – May 30, 2021 – 12:00 p.m.
MANILA, Philippines: Increased digitization and accelerated work-from-home agreements in response to the COVID-19 pandemic may further expose the banking industry to cybercrime, according to S&P Global Ratings.
In a report, S&P analyst Irina Velieva said cyberattacks could damage the credit rating of financial institutions primarily due to potential monetary damage and loss.
“Cyberattacks have so far had a limited effect on banking ratings, but could trigger more rating actions in the future as cyber incidents become more frequent and complex,” Velieva said.
The debt watchdog said banks and other financial institutions are attractive targets for cybercriminals as they possess valuable personal data and play a critical role in serving particular financial or economic needs and segments.
He warned that institutions with weak risk governance are less prepared and therefore more vulnerable to cyberattacks.
While it is crucial to learn from previous attacks and strengthen real-time cybersecurity risk frameworks, S&P stated that proper attack detection and remediation take precedence because the nature of the threats continues to evolve.
“We believe that cyber defense will become an increasingly important part of the general risk management and management frameworks of entities, which need increasing spending and more sophisticated tools. We recognize, however, that this may not be easy for many entities, especially those with weaker risk control frameworks and insufficient budget for cyber defense, “S&P said.
The international rating agency said a large-scale cyberattack could have a considerable impact on an institution’s ability to meet its obligations on time and on time.
“The financial industry is a key target of cybercrime because banks and other financial institutions store sensitive personal data and possess valuable information about financial transactions. The increasing digitalization of the banking system and the acceleration of work agreements from home in response to the COVID-19 pandemic have exposed the industry to cybercrime by significantly increasing online communication, ”he said.
U.S.-based software company Guidewire said most of the publicly available cybersecurity incidents at financial institutions are related to data breaches. The number of ransomware attacks is also increasing.
Relatively large financial institutions remain the most frequent targets of reported successful attacks, accounting for 26% followed by public administration with 13%, health care with 11%, education and research with 9%, manufacturing with 7%, among others.
S&P said a bank’s business stability could be deteriorated by the loss of customer confidence as a result of a successful attack.
He added that potential losses from cyber events could lead to material losses and, in turn, hurt a bank’s capitalization. Poorly managed cyber risks could expose structural weaknesses in a bank’s risk management.
“We also consider the ability to manage and prevent cybersecurity risks as part of our management and governance assessment,” S&P said.