Though most of the bank executives are confident of their cybersecurity strategy and preparedness, lack of practical testing makes the defence vulnerable, a new report said on Thursday.
According to global professional services company Accenture's new global report that involved 275 senior security executives across the banking and capital markets sectors, 78 per cent of executives surveyed expressed confidence in their overall cybersecurity strategy.
But when it came to stop a breach, phishing and malware attacks, 59 per cent of the banks were unable to detect breaches for several months while 36 per cent of all the attacks were successful in stealing some data or information.
"As Indian financial services firms are in the initial stages of adopting digital technologies, they have a unique opportunity to set up proper checks and balances to prevent cyber attacks," said Piyush Singh, Managing Director (Financial Services Group) Accenture in APAC and India.
Nearly 48 per cent of respondents cited internal breaches as having the greatest cybersecurity impact and 52 per cent indicated a lack of confidence in their organisation's ability to detect a breach through internal monitoring.
"They should also focus on deploying practical testing scenarios that include highly realistic simulated attacks. No amount of vulnerability scanning or risk assessment will replicate that," Singh added.
While the banks' security teams detected a high number of each company's breaches, virtually all the respondents said they learned about the remainder of the breaches from their own employees, pointing to the critical importance of establishing strong awareness, strengthening internal training programmes and establishing effective internal escalation processes.