Interesting Talk - Banking Industry

Last night I have talked to a friend who I haven't met for last two years, she is working in banking industry. What make the conversation interesting was when she told me a lot about the incidents that happenned in that field - phishing, social engineering, and internal threats. I also kind of understand banking system through the conversation. The whole 2 and half hours conversation sounds like an interview, or maybe survey for me to get myself understand the current threat of banking industry. Or maybe I shouldn't have talked to a girl like this to attract her attention, but I'm just too fascinated with this type of real life story telling. From what we have talked, I have summarized the things below.

1. Human exploitation is much more easier to be done, compare to electronic hacks.

2. Banking system(not really computer related) is not tighten enough, there are certain way to circumvent the rules and regulations. Most bad guys can play with the rules instead of breaking the rules.

3. Human mistakes tend to happen, this give lot of chances to lead to the compromised of system.

4. Trust relationship is also one of the issue, sensitive information is not only stored in system but human being.

5. Internal threat is happenning, human control is considered hard to achieve. Blind spot is always discovered by internal people since they know how the banking system works.

Considered this is one in-sight talk regarding Banking Industry in Malaysia, if you know one or working in banking industry, please send me info or at least any threats that currently been discovered that are not published in the internet. I would like to hear from you.

