Strategic Security Policy and Potential Threats for National Australian Bank

Verified

Added on  2023/06/07

|12
|2880
|109
AI Summary
This report discusses the security threats and vulnerabilities of National Australian Bank (NAB) and provides a strategic security policy for NAB. It also covers potential threats and vulnerabilities such as mobile banking risks, social networks, malware, botnets, DDOS attacks, and more.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Information
Security

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
INFORMATION SECURITY
1
Executive Summary
NAB is a type of financial bank in Australia and there are main two industries of NAB
such as banking and financial services. The main purpose of this report is to understand
the security threat and vulnerabilities of NAB. This report is divided into two parts such
as a strategic security policy for NAB and potential threats and vulnerabilities. There are
various kinds of the process which can be used to reduce cyber-attacks, security risks of
NAB and their users which are explaining in this report.
Document Page
INFORMATION SECURITY
2
Contents
Introduction....................................................................................................................................................... 3
National Australian bank.............................................................................................................................. 3
Part A.................................................................................................................................................................... 3
The strategic security policy for NAB.................................................................................................. 3
Password system..................................................................................................................................... 3
Encryption method................................................................................................................................. 4
Digital certificates................................................................................................................................... 4
Authentication.......................................................................................................................................... 4
Secure Messaging.................................................................................................................................... 4
Limited Login Attempts........................................................................................................................ 5
Fraud Alerts............................................................................................................................................... 5
Fraud Protection Software.................................................................................................................. 5
Part B.................................................................................................................................................................... 5
Potential threats and vulnerabilities of NAB.................................................................................... 5
Mobile banking risks.............................................................................................................................. 5
Social Networks and Web 2.0............................................................................................................. 6
Malware, Botnets and DDOS Attacks............................................................................................... 6
Malicious hackers.................................................................................................................................... 6
Sniffers......................................................................................................................................................... 7
Third-Party Apps..................................................................................................................................... 7
Inside Attacks........................................................................................................................................... 7
Mitigation........................................................................................................................................................ 7
Conclusion........................................................................................................................................................... 8
References........................................................................................................................................................... 9
Document Page
INFORMATION SECURITY
3

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
INFORMATION SECURITY
4
Introduction
NAB is one of the biggest national banks in Australia in the field of capitalization,
customer and earning (Abomhara, and Køien, 2015). It is estimated that the rank of this
bank is 21st in worldwide that was restrained by market capitalization. In the year 2014,
this bank operated around 1,590 branches and service centres and it was founded in the
year 1982 (Al, et al., 2016). The main objective of this report is to describe various
strategies and policies to reduce security risks for national Australian bank and
different kinds of security threats.
National Australian bank
The NAB is a very popular banking industry which provided various services to
customers such as banking services, financial services, and various online services. The
main headquarter of this bank is in Melbourne (Australia) and it also provided services
in New Zealand and Asia. There are many stockholders of NAB, for example, customers,
contractors, employees, investors (shareholders, the fund manager), analysts,
associations, government, regulators, supplier, media, and NGOs (Awan, et al., 2017).
Part A
The strategic security policy for NAB
National Australian bank is a banking industry which is suffering from various cyber-
crimes and security threats. It is observed that the main problem which occurs into NAB
is due to lack of security by which many customers lose their personal data files (Banks,
2017). There are many organizations and security communities developed strategies
and action plan to reduce threats and risk for NAB. It provided online banking services
by which users can lose their account information because hackers can easily enter into
their personal servers and block all communication systems (Cordell, and White, 2015).
Due to this type of issues, this bank can lose their value in the market and many
customers can remove their private accounts. They can adopt various security
programmes which are describing below-
Document Page
INFORMATION SECURITY
5
Password system
This type of security system can be sued by banks because it provides a platform to
protect human personal information’s. If any person adopts password-based system
then he can avoid security risk and NAB can provide this type of service to their
customers and they can use this technology into their computer systems (Imgraben,
Engelbrecht, and Choo, 2014).
Encryption method
It is the very important step for any banking sector which reduced many security
threats and risk. In which signal or information convert into a form of code and transfer
from supplier to customer and hackers cannot read this code without permission
(Islam, 2014). For example, HTTPS is rather than HTTP which is secure version and it
indication communication between websites and browser. NAB can adopt this
technology by which employees can transfer any message and mail into the form of
code and at receiver it converts into original information.
Digital certificates
The main purpose of digital certificates is that it provides an authentication process for
various websites. This is also called a third-party verification step which can be used for
NAB security because it can improve the security of human personal accounts (Keogh,
Gordon, and Marinovic, 2018). There are many Australian banks which display their
name in green color and this green shade shows the process of EV certificate.
Authentication
This is a very best step which verifies the identities of Australian banks websites and
their accounts. National Australian bank can adopt this type of system to secure their
passwords and it can provide an authentication app to their users by which they can
improve their securities (Khrais, 2015). OTP is one of the best examples of the
authentication process in which banks send an OTP to their personal mobile number
and after that, they can transfer money.
Biometric authorization system identifies human with the help of physical features.
There are many types of biometric systems available which can adopt NAB, for example,
fingerprint, and iris, voiceprints, and face recognition. All these are very accurate and
more secure rather than passwords based system.
Document Page
INFORMATION SECURITY
6
Secure Messaging
This type of process provides a platform to secure users with personal messages and e-
mails and it also improves communication between users and banks. The con artists
send you an email that resembles your banks, an endeavor to influence you to uncover
touchy data when you react to the phony mail (Schäfer, Scheffran, and Penniket, 2016).
Limited Login Attempts
The main objective of this security plan is to reduce brute-force attack into various
banks. If any person entered incorrect password then he may have seen awarding
message that is too many attempts might cause on your account which is a part of this
technology. If NAB uses limited login attempts in their private accounts then they can
improve their security. In the brute-force attack, hackers try to enter into the user’s
personal system with the help of repeated attempting system. Therefore users can use
this technology for the security of their bank accounts.
Fraud Alerts
Monitoring and controlling of users account for signs of unauthentic servers as an
important security plan because it can help banks to detect fraud messages and servers.
There are many organizations uses fraud alerts system to notify users that their private
data or accounts might have been compromised (Shackelford, 2016). NAB can use this
service and it can communicate with their customers by emails, and phone calls and UB
alert is an application by which they can reduce security threats.
Fraud Protection Software
In this modern generation information and communication technology developed many
antiviruses and software to protect human personal data from hackers. There are many
software's which can be used for NAB security, for example, firewall, log360, Acunetix,
landmark, teaming, Barkly, WebTitan, Cryposense, and Incapsula. All these software
runs into the background and protects human-computer systems and personal
information’s (Seo, et al., 2014).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
INFORMATION SECURITY
7
Part B
Potential threats and vulnerabilities of NAB
There are many security threats and vulnerabilities occur into national Australian banks
which are describing below
Mobile banking risks
Mobile phones play a significant ant role in the field of communication and many users
use mobile banking which increases security risks. The mobile banking applications for
national Australian bank are suffered from security threats and issues and it is observed
that this type of application can store hidden files into smartphones (Shafqat, and
Masood, 2016). It is estimated that in the year 2015 mobile banking applications
increased the rate of cyber- attacks by which many users lost their personals
information. Many hackers attack mobile browsing by which they can easily enter into
their private accounts.
Social Networks and Web 2.0
The association between cell phones and web-based life is developing, with Twitter and
Facebook applications offered for portable clients. Establishments grasping versatile
likewise are grasping long range interpersonal communication, says Rasmussen,
Internet Identity's main innovation officer (White, 2016). "With more puts money on
interpersonal organizations, hope to see more phony destinations utilizing informal
communities, similar to Twitter and Facebook, to attempt and trap individuals into
surrendering crucial individual data," including managing account login certifications
and Social Security numbers. Therefore NAB provides their advertisements on many
social websites and attackers produce an algorithm by which they can enter into NAB
websites and they can control their personal services.
Malware, Botnets and DDOS Attacks
DDOS and Malware both are very common threats in the field of banking and NAB is
suffering from this type of problem. DDOS is a distributed denial of services which is a
kind of attack that encrypts user private data or info ration. In which a hacker uses
malware, botnet and flooding process to block user authentic servers and they can enter
into bank personal servers by which NAB is suffering from cyber-attacks (White, 2016).
Hackers first send fraud e-mails and message to consumers which are to banking and
Document Page
INFORMATION SECURITY
8
users read that mails and click on given links by which attackers detect user's servers
and enter into their computer systems and other peripheral devices. After that, they
lock their accounts and demand money to restore back their private information’s
(White, 2016).
Malicious hackers
It refers to a security attack in which hacker breaks security and enters into a computer
system without a proper authorization (Al, et al., 2016). There are various kinds of
complex algorithms are used and hackers can control and monitor users servers and
employees of NAB are also suffering from this type of problem.
Sniffers
It is a part of the security threat of national Australian bank and in which attackers use
various software’s that could detect and capture login IDs and passwords. Hackers can
encrypt human authentic servers and they can control the communication system
between consumers and banks.
Third-Party Apps
There are many users which are using various kinds of the application on their
computers and mobiles phones which are developed by the third party. Many NAB
employees use this type of applications which are created by hackers and loaded with
malware through which they can lose their accounts information’s (Al, et al., 2016).
Inside Attacks
Many malicious attacks developed inside attack in which one user that uses false
credentials that produce a complex botnet system. According to Kirk Nehra, most of the
internal data of any bank or online websites can be traced back to an employee and
hacker provides a large number of traffic signals to block banking servers (Al, et al.,
2016). The main problem of any banking sector is that they are not using proper
database system and security plans.
Mitigation
NAB is suffering from various kinds of security threats and cyber-attack by which they
can lose their value in the market (Al, et al., 2016). Information and communication
Document Page
INFORMATION SECURITY
9
technology produced many security plans and steps by which NAB can secure their
personal accounts and information’s which are following
Use password-based systems and adopts biometric recognition resources
ADD an SSL certificate into their website by which they can control security
issues
Use back plans and recovery process like cloud computing
Monitor and control their personal servers by antiviruses and firewall
Communicate with their customers by fraud alert process
Use a one-time password system to secure human personal accounts
Block unauthorized access
Update computer and mobile software on a regular basis
Scanning banking computers and servers by using antivirus software
Use Short message service
Use Device identification technologies
Browser protection (Al, et al., 2016).
Conclusion
National Australian bank is a type of banking sector which provide banking services and
financial series to customers. There are many potential threats occur in NAB websites
such as DDOS attack, malicious attack, sniffer, and insides attack which are described in
this report. Many information and technology organization are developed their security
policies to control and reduce security problems in the field of mobile banking which
are evaluated in this report. It is observed that many NAB users use a simple password-
based system which can be easily broken and hackers can enter into their personal
accounts. Therefore, NAB should adopt security plans and use firewall software to
control cyber-crimes and threats.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
INFORMATION SECURITY
10
References
Abomhara, M. and Køien, G.M., (2015) Cybersecurity and the internet of things:
vulnerabilities, threats, intruders and attacks. Journal of Cyber Security, 4(1), pp.65-88.
Al, A., Anjariny, A.H., Habib, S.A. and Nyakwende, E., (2016) Cyberterrorism taxonomies:
Definition, targets, patterns, risk factors, and mitigation strategies. International Journal
of Cyber Warfare and Terrorism (IJCWT), 6(1), pp.1-12.
Awan, J.H., Memon, S., Khan, R.A., Noonari, A.Q., Hussain, Z. and Usman, M., (2017)
Security strategies to overcome cyber measures, factors and barriers. Eng. Sci. Technol.
Int. Res. J, 1(1), pp.51-58.
Banks, N.C., Paini, D.R., Bayliss, K.L. and Hodda, M., (2015) the role of global trade and
transport network topology in the humanmediated dispersal of alien species. Ecology
Letters, 18(2), pp.188-199.
Cordell, D. and White, S., (2015) Tracking phosphorus security: indicators of
phosphorus vulnerability in the global food system. Food Security, 7(2), pp.337-350.
Imgraben, J., Engelbrecht, A. and Choo, K.K.R., (2014) always connected, but are smart
mobile users getting more security savvy? A survey of smart mobile device
users. Behaviour & Information Technology, 33(12), pp.1347-1360.
Islam, S., (2014) Systematic literature review: Security challenges of mobile banking and
payments system. International Journal of u-and e-Service, Science and Technology, 7(6),
pp.107-116.
Keogh, K., Gordon, C. and Marinovic, P., (2018) Cybersecurity: Global developments in
cybersecurity law: is Australia keeping pace?. LSJ: Law Society of NSW Journal, 2(42),
p.82.
Khrais, L.T., (2015) Highlighting the vulnerabilities of the online banking system. The
Journal of Internet Banking and Commerce, 20(3), p. 4.
Document Page
INFORMATION SECURITY
11
Schäfer, M.S., Scheffran, J. and Penniket, L., (2016) Securitization of media reporting on
climate change? A cross-national analysis in nine countries. Security Dialogue, 47(1),
pp.76-96.
Seo, S.H., Gupta, A., Sallam, A.M., Bertino, E. and Yim, K., (2014) Detecting mobile
malware threats to homeland security through static analysis. Journal of Network and
Computer Applications, 38(2), pp.43-53.
Shackelford, S.J., (2016) Protecting intellectual property and privacy in the digital age:
The use of national cybersecurity strategies to mitigate cyber risk. Chap. L. Rev., 19(6),
p.445.
Shafqat, N. and Masood, A., (2016) Comparative analysis of various national
cybersecurity strategies. International Journal of Computer Science and Information
Security, 14(1), p.129.
White, J., (2016) Cyber Threats and Cyber Security: National Security Issues, Policy and
Strategies. Global Security Studies, 7(4), p. 14.
1 out of 12
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]