ISSN:
2181-3906
2023
International scientific journal
«MODERN SCIENCE АND RESEARCH»
VOLUME 2 / ISSUE 7 / UIF:8.2 / MODERNSCIENCE.UZ
230
EFFECTIVE MEASURES AGAINST CYBER THREATS OF THE BANKING AND FINANCIAL
SYSTEM
Zukhra Maratdaevna Otakuzieva
Tashkent University of Information Technologies named after Muhammad al-Khwarizmi, Ph.D.,
associate professor, Tashkent, Uzbekistan. Email:
zukhra.otakuzieva@mail.ru
ORCID ID: 0000-0002-
4283-8181
Isroilov Javokhirbek Abdugaffor ugli
Tashkent University of Information Technologies named after Muhammad al-Khwarizmi, 3rd year
student of the Faculty of Cyber Security, Information Security
Email:
javokhirbekisroilov166@gmail.com
https://doi.org/10.5281/zenodo.8170386
Abstract.
This article presents several effective cyber security policies and regulations that can be
adopted by governments and regulatory bodies in many countries around the world today to reduce the
risk of cyber attacks on banking and financial systems. In addition, the article discusses how governments
and regulators can reduce the risk of cyber-attacks on banking and financial systems and protect financial
institutions and their customers by establishing effective cybersecurity policies and regulations.
Keywords:
cyber attack, banking and financial systems, financial losses, cyber criminals, financial
transactions, information security.
ЭФФЕКТИВНЫЕ МЕРЫ ПРОТИВ КИБЕРУГРОЗ БАНКОВСКО-ФИНАНСОВОЙ
СИСТЕМЕ
Аннотация.
В данной статье представлены несколько эффективных политик и
нормативных актов в области кибербезопасности, которые сегодня могут быть приняты
правительствами и регулирующими органами во многих странах мира для снижения риска
кибератак на банковские и финансовые системы. Кроме того, в статье обсуждается, как
правительства и регулирующие органы могут снизить риск кибератак на банковские и финансовые
системы и защитить финансовые учреждения и их клиентов путем разработки эффективных
политик и правил кибербезопасности.
Ключевые слова:
кибератака, банковско-финансовые системы, финансовые потери,
киберпреступники, финансовые операции, информационная безопасность.
INTRODUCTION
The banking and financial sector, which actively adopts the most modern digital and information
technologies, is considered one of the most attractive targets for cyber attacks. According to Accenture, an
international consulting company, the main cyber attacks facing the banking and financial sector are:
- theft of accounting and personal information of financial institutions and their clients;
- manipulation of information stolen from financial institutions for financial or political interests
that distort financial systems and markets;
- destructive malicious program (malware), i.e. directly or indirectly harms an individual computer
or the entire network, server, for example, disrupts the operation of the computer or steals the user's personal
information;
- improvement of cyberterrorism methods with the development of new technologies: fraudsters
use new technologies introduced by financial organizations;
- multi-level disinformation used purposefully in the course of attacks on financial institutions and
markets.
ISSN:
2181-3906
2023
International scientific journal
«MODERN SCIENCE АND RESEARCH»
VOLUME 2 / ISSUE 7 / UIF:8.2 / MODERNSCIENCE.UZ
231
MAIN PART
Nowadays, cyber attacks have become a serious problem for banking and financial systems around
the world. The impact is serious and can range from financial losses to reputational damage and even
damage to critical infrastructure.
There are several effective cyber security policies and regulations that can be adopted by
governments and regulators today to reduce the risk of cyber-attacks on banking and financial systems,
which we outline in more detail below.
These include:
1. Mandatory safety standards. Governments and regulators can set mandatory security standards
that all financial institutions must adhere to. These standards may include requirements for strong
passwords, data encryption, regular software updates, and other security measures.
2. Risk assessment. Financial institutions should conduct regular risk assessments to identify
potential cybersecurity threats and vulnerabilities. These assessments help financial institutions take
proactive steps to mitigate security before potential threats are exploited by cybercriminals.
3. Incident response plans. Financial institutions should have incident response plans in place in
the event of a cyber security breach. These plans should include procedures for notifying customers, law
enforcement and regulators, as well as measures to mitigate the consequences of a breach.
4. Information sharing. Governments and regulators can encourage information sharing among
financial institutions to better understand and respond to cybersecurity threats. This can include sharing
information about threats, best practices, and more to help financial institutions improve their cybersecurity.
5. Sanctions and penalties. Governments and regulators can impose sanctions and penalties on
financial institutions that fail to comply with cybersecurity regulations or experience security breaches.
These sanctions can encourage financial institutions to take cybersecurity seriously and invest in robust
security measures.
6. Cyber Security Training. Governments and regulators may require financial institutions to
provide cybersecurity training for their employees. This helps employees better understand cybersecurity
threats and how to prevent them, reducing the risk of security breaches due to human error.
Encouraging financial institutions to share information about cybersecurity threats can be difficult,
as institutions may be reluctant to share sensitive information about their systems and operations. However,
there are several ways that governments and regulators can encourage information sharing between
financial institutions:
Create a trusted information sharing network: Governments and regulators can create a trusted
information sharing network and financial institutions can securely and privately share information about
cybersecurity threats and vulnerabilities. In this case, the network can also be managed by a neutral third
party trusted by financial institutions and regulatory authorities.
Provide legal protection: Governments and regulators can provide legal protection to financial
institutions that share information about cyber security threats. These protections may include immunity
from legal liability or antitrust laws for fair dealing.
Encourage information sharing: Governments and regulators can encourage financial institutions
to share information about cybersecurity threats. For example, financial institutions that participate in
information sharing networks may receive regulatory review or other benefits.
Sharing best practices. Governments and regulators can share best practices on information sharing
among financial institutions. This may include advice on how to protect confidential information, how to
build trust between institutions, and ensure timely and appropriate information sharing.
Developing a culture of cooperation. Finally, governments and regulators can foster a culture of
cooperation among financial institutions. This may include hosting events and other opportunities to meet
with financial institutions and share information about cybersecurity threats and vulnerabilities.
ISSN:
2181-3906
2023
International scientific journal
«MODERN SCIENCE АND RESEARCH»
VOLUME 2 / ISSUE 7 / UIF:8.2 / MODERNSCIENCE.UZ
232
Through these activities, governments and regulators can encourage their financial institutions to
share information about cybersecurity threats and work together to improve the overall security of the
banking and financial system. Financial institutions can benefit from participating in information sharing
networks by:
a) regulatory incentives, that is, governments and regulators can provide regulatory incentives for
financial institutions participating in information exchange networks. This may include preferential
treatment for regulatory scrutiny or reduced regulatory burdens for institutions involved in information
sharing;
b) material incentives. Financial institutions may be interested in participating in information
networks through financial rewards such as grants or subsidies. Governments and regulators can provide
financial incentives to encourage institutions to share information about cybersecurity threats and
vulnerabilities;
c) liability protection. Financial institutions may be reluctant to share information about cyber
security threats due to legal liability. Governments and regulators can protect the accountability of financial
institutions that share information in good faith by assuring them that they are not liable for sharing
information about cyber security threats;
g) to achieve reputation. Financial institutions participating in information sharing networks can
benefit from reputation and customer trust. Customers are more likely to trust financial institutions that
proactively work to prevent cyberattacks and share information about potential threats or vulnerabilities.
d) access to experience. Financial institutions participating in information sharing networks can
benefit from the expertise and knowledge of other institutions and cybersecurity experts. This helps them
identify and mitigate potential risks and vulnerabilities more effectively.
By providing such incentives, governments and regulators can encourage financial institutions to
participate in information networks and work together to improve the overall security of the banking and
financial system.
CONCLUSION
In conclusion, there are several effective cybersecurity policies and regulations that can be adopted
by governments and regulators today to reduce the risk of cyber attacks on banking and financial systems,
including mandatory security standards, risk assessments, incident response plans, information sharing ,
sanctions and penalties, and cyber security training can be included. By establishing these and other
effective cybersecurity policies and regulations, governments and regulators can help reduce the risk of
cyberattacks on banking and financial systems and protect financial institutions and their customers.
REFERENCES
1.
Бopucoвa E.C. Иннoвaции кaк инcтpyмeнт o6ecпeчeния инфopмaциoннoй 6esoпacнocти и
пoвышeния эффeктивнocти дeятeльнocти 6aнкoвcкoй cиcтeмы // Aктyaльныe пpo6лeмы
экoнoмики и пpaвa. – 2019. – T. 13, № 3. – C. 1330–1342.
2.
Kи6epaтaки нa 6aнки: Tpeнды, yяsвимocти и poль peгyлятopa. – 2018. – 27.07. – URL:
http
sionals/kiberataki-na-banki-trendy-uyazvimosti-i-rol-regulyatora/
Oбзop oпepaций, coвepшeнныx 6es coглacия клиeнтoв финaнcoвыx opгaниsaций sa 2019 гoд /
Бaнк Poccии, ФинЦEPT. – 2020. – 23 c.
3.
Mepцeвa C.Œ.
Финтex-индycтpия и инфopмaциoннaя 6esoпacнocть // Mиpoвoe и нaциoнaльнoe
xosяйcтвo. – 2018.
4.
Future cyber threats: 2019 extreme but plausible threat scenarios in financial services // Accenture. –
2019.
–
URL:
https://
www.accenture.com/_acnmedia/pdf-100/accenture_fs_threat-
5.
Group-IB: 6oлee 70% 6aнкoв нe гoтoвы пpoтивocтoять ки6epaтaкaм // Group-IB. – 2019. – 19.02.
ISSN:
2181-3906
2023
International scientific journal
«MODERN SCIENCE АND RESEARCH»
VOLUME 2 / ISSUE 7 / UIF:8.2 / MODERNSCIENCE.UZ
233
– URL: https://
www.group-ib.ru/media/banks-readiness/
6.
Hi-Tech Crime Trends 2018. Oтчeт o тeндeнцияx выcoкoтexнoлoгичныx пpecтyплeний // Group-
IB. – 2018. – URL: https://
www.group-ib.ru/resources/threat-research/2018-report.html
7.
Federal Bureau of Investigation, Internet Crime Report. 2016. [Электронный ресурс]. URL:
https://pdf.ic3.gov/2016_IC3Report.pdf.
8.
Eling M. What do we know about cyber risk and cyber risk insurance? // The Journal of Risk Finance.
2017. Iss. 5. Р. 474-491.