An Analysis of Cyber Security Threats and Risk Management at HSBC Bank

Verified

Added on 2023/01/24

AI Summary

This report provides an analysis of the cyber security threats faced by HSBC Bank, a multinational financial institution, and proposes a risk-based framework for mitigation. The report highlights the importance of a structured approach to manage risks in today's technology-driven business environment. It discusses specific vulnerabilities, such as those related to payment gateways and data management, referencing a 2018 data breach reported by Forbes. The report suggests several strategies for HSBC Bank to minimize cyber risks, including stringent payment gateway protocols to protect customer accounts, strict internal data management to ensure ethical data use, requiring manager approval for data access, and ethical training for employees. The report emphasizes the need for a comprehensive approach to cyber security, encompassing technological measures and employee training to reduce the likelihood of cyber threats and protect the bank's assets.

Running head: CYBER SECURITY THREATS TO HSBC BANK
Cyber Security Threats to HSBC Bank
Name of the Student:
Name of the University:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1CYBER SECURITY THREATS TO HSBC BANK
Cyber security threats to HSBC Bank:
It is very important to form a structured approach to apply a risk based framework to
manage risks which multinational organisations face in today’s business environment driven by
technology. The structured risk management framework would enable the management of the
business organisations to identify the risks which could have negative impact on their business
outcomes and take appropriate actions to mitigate or at least reduce them. The risk which the
structured risk framework would seek to mitigate would cyber risks and the organization chosen
for the research would be HSBC Bank. As per an article published on November 08, 2018 in the
Forbes Magazine, the customer data base of the global bank was subjected to cyber security
initiated by unauthorized users (Forbes.com, 2019). The following are the steps which HSBC
Bank can adopt to create a cost effective and maintainable risk management framework to
minimize cyber risks:
Stringent payment gateway protocols:
The bank should instruct all its customers to change their PINs and usernames which they
use to make payments online as well as to withdraw money using its gateways. This stringent
step would make it difficult for the hackers to guess the account details which they use into
infiltrate into the account of the respective customers (Gomes et al., 2018).
Strict internal management of data:
HSBC Bank should form strict internal management of data to ensure ethical use of data.
The bank should instruct all its employees to use their respective email ids and passwords to
communicate all business information. The employees should be allowed to transfer data into
other secondary storage devices like smart phones and pen drives under any condition (Ahuja,

2CYBER SECURITY THREATS TO HSBC BANK
2018). It is often alleged that employees in the back end processes of banks are often responsible
for transferring sensitive business data to illicit groups in return of money. Thus, this step would
require the employees to make all official communication using their official email ids which
would enable the IT department to vigil on the sharing of data (Hampton & Baig, 2015). This
process would thus discourage employees from illegally transferring data, thus reducing the
scope of cyber security to a large extent.
Approval of reporting manager or skip level manager to use data:
The management of HSBC Bank should mandate all the employees below the level of
assistant managers to obtain approval of their skip level of managers to get access to sensitive
data like customer leads. The lower level employees should have restricted access to business
data which they would require to achieve their targets. The business information like customers
are ideally intangible assets of the bank and hence, the apex management should outline the strict
process of using the data (Gonzalez-Morales et al., 2018). This supervision of the senior
managers on the usage of data would restrict scope of cyber security.
Ethical training of employees:
The management of HSBC should offer ethical training to the employees on operating
ethically while using sensitive business data. This ethical strengthening of employees would
reduce the chances of cyber threats to a great extent (Harris, 2016).

3CYBER SECURITY THREATS TO HSBC BANK
References:
Ahuja, R. (2018). Mobile Payments for Conducting M-Commerce. In Mobile Commerce:
Concepts, Methodologies, Tools, and Applications (pp. 450-467). IGI Global.
Forbes.com. (2019). Retrieved from
https://www.forbes.com/sites/daveywinder/2018/11/06/hsbc-bank-usa-admits-breach-
exposing-account-numbers-and-transaction-history/#c7f65095af3c
Gomes, J. F., Iivari, M., Ahokangas, P., Isotalo, L., Sahlin, B., & Melén, J. (2018). Cyber
security business models in 5g. A Comprehensive Guide to 5G Security, M. Liyanage, I.
Ahmad, AB Abro, A. Gurtov, and M. Ylianttila, Eds. Wiley, 99-116.
Gonzalez-Morales, M. G., Kernan, M. C., Becker, T. E., & Eisenberger, R. (2018). Defeating
abusive supervision: Training supervisors to support subordinates. Journal of
Occupational Health Psychology, 23(2), 151.
Hampton, N., & Baig, Z. A. (2015). Ransomware: Emergence of the cyber-extortion menace.
Harris, A. (2016). Cyber ethics: Assessment on government and the private industry (Doctoral
dissertation, Utica College).