Strategies And Policies To Reduce Security Risks For National Australian Bank Essay.

1. Research, develop, and document a basic security policy, and analyse, record, and resolve all security incidents
2. Identify and assess the threats to, and vulnerabilities of  networks

National Australian Bank

NAB is one of the biggest national banks in Australia in the field of capitalization, customer and earning (Abomhara, and Køien, 2015). It is estimated that the rank of this bank is 21^st in worldwide that was restrained by market capitalization. In the year 2014, this bank operated around 1,590 branches and service centres and it was founded in the year 1982 (Al, et al., 2016). The main objective of this report is to describe various strategies and policies to reduce security risks for national Australian bank and different kinds of security threats.

The NAB is a very popular banking industry which provided various services to customers such as banking services, financial services, and various online services. The main headquarter of this bank is in Melbourne (Australia) and it also provided services in New Zealand and Asia. There are many stockholders of NAB, for example, customers, contractors, employees, investors (shareholders, the fund manager), analysts, associations, government, regulators, supplier, media, and NGOs (Awan, et al., 2017).

National Australian bank is a banking industry which is suffering from various cyber-crimes and security threats. It is observed that the main problem which occurs into NAB is due to lack of security by which many customers lose their personal data files (Banks, 2017). There are many organizations and security communities developed strategies and action plan to reduce threats and risk for NAB. It provided online banking services by which users can lose their account information because hackers can easily enter into their personal servers and block all communication systems (Cordell, and White, 2015). Due to this type of issues, this bank can lose their value in the market and many customers can remove their private accounts. They can adopt various security programmes which are describing below-

This type of security system can be sued by banks because it provides a platform to protect human personal information’s. If any person adopts password-based system then he can avoid security risk and NAB can provide this type of service to their customers and they can use this technology into their computer systems (Imgraben, Engelbrecht, and Choo, 2014).

It is the very important step for any banking sector which reduced many security threats and risk. In which signal or information convert into a form of code and transfer from supplier to customer and hackers cannot read this code without permission (Islam, 2014). For example, HTTPS is rather than HTTP which is secure version and it indication communication between websites and browser. NAB can adopt this technology by which employees can transfer any message and mail into the form of code and at receiver it converts into original information.

The main purpose of digital certificates is that it provides an authentication process for various websites. This is also called a third-party verification step which can be used for NAB security because it can improve the security of human personal accounts (Keogh, Gordon, and Marinovic, 2018). There are many Australian banks which display their name in green color and this green shade shows the process of EV certificate.

The Strategic Security Policy for NAB

This is a very best step which verifies the identities of Australian banks websites and their accounts. National Australian bank can adopt this type of system to secure their passwords and it can provide an authentication app to their users by which they can improve their securities (Khrais, 2015). OTP is one of the best examples of the authentication process in which banks send an OTP to their personal mobile number and after that, they can transfer money.  

Biometric authorization system identifies human with the help of physical features. There are many types of biometric systems available which can adopt NAB, for example, fingerprint, and iris, voiceprints, and face recognition. All these are very accurate and more secure rather than passwords based system.

This type of process provides a platform to secure users with personal messages and e-mails and it also improves communication between users and banks. The con artists send you an email that resembles your banks, an endeavor to influence you to uncover touchy data when you react to the phony mail (Schäfer, Scheffran, and Penniket, 2016).

The main objective of this security plan is to reduce brute-force attack into various banks. If any person entered incorrect password then he may have seen awarding message that is too many attempts might cause on your account which is a part of this technology. If NAB uses limited login attempts in their private accounts then they can improve their security. In the brute-force attack, hackers try to enter into the user’s personal system with the help of repeated attempting system. Therefore users can use this technology for the security of their bank accounts.

Monitoring and controlling of users account for signs of unauthentic servers as an important security plan because it can help banks to detect fraud messages and servers. There are many organizations uses fraud alerts system to notify users that their private data or accounts might have been compromised (Shackelford, 2016). NAB can use this service and it can communicate with their customers by emails, and phone calls and UB alert is an application by which they can reduce security threats.

In this modern generation information and communication technology developed many antiviruses and software to protect human personal data from hackers. There are many software's which can be used for NAB security, for example, firewall, log360, Acunetix, landmark, teaming, Barkly, WebTitan, Cryposense, and Incapsula. All these software runs into the background and protects human-computer systems and personal information’s (Seo, et al., 2014).

There are many security threats and vulnerabilities occur into national Australian banks which are describing below

Mobile phones play a significant ant role in the field of communication and many users use mobile banking which increases security risks. The mobile banking applications for national Australian bank are suffered from security threats and issues and it is observed that this type of application can store hidden files into smartphones (Shafqat, and Masood, 2016). It is estimated that in the year 2015 mobile banking applications increased the rate of cyber- attacks by which many users lost their personals information. Many hackers attack mobile browsing by which they can easily enter into their private accounts.

Potential Threats and Vulnerabilities of NAB

The association between cell phones and web-based life is developing, with Twitter and Facebook applications offered for portable clients. Establishments grasping versatile likewise are grasping long range interpersonal communication, says Rasmussen, Internet Identity's main innovation officer (White, 2016). "With more puts money on interpersonal organizations, hope to see more phony destinations utilizing informal communities, similar to Twitter and Facebook, to attempt and trap individuals into surrendering crucial individual data," including managing account login certifications and Social Security numbers. Therefore NAB provides their advertisements on many social websites and attackers produce an algorithm by which they can enter into NAB websites and they can control their personal services.

DDOS and Malware both are very common threats in the field of banking and NAB is suffering from this type of problem. DDOS is a distributed denial of services which is a kind of attack that encrypts user private data or info ration. In which a hacker uses malware, botnet and flooding process to block user authentic servers and they can enter into bank personal servers by which NAB is suffering from cyber-attacks (White, 2016). Hackers first send fraud e-mails and message to consumers which are to banking and users read that mails and click on given links by which attackers detect user's servers and enter into their computer systems and other peripheral devices. After that, they lock their accounts and demand money to restore back their private information’s (White, 2016).

It refers to a security attack in which hacker breaks security and enters into a computer system without a proper authorization (Al, et al., 2016). There are various kinds of complex algorithms are used and hackers can control and monitor users servers and employees of NAB are also suffering from this type of problem.

It is a part of the security threat of national Australian bank and in which attackers use various software’s that could detect and capture login IDs and passwords. Hackers can encrypt human authentic servers and they can control the communication system between consumers and banks.  

There are many users which are using various kinds of the application on their computers and mobiles phones which are developed by the third party. Many NAB employees use this type of applications which are created by hackers and loaded with malware through which they can lose their accounts information’s (Al, et al., 2016).

Many malicious attacks developed inside attack in which one user that uses false credentials that produce a complex botnet system. According to Kirk Nehra, most of the internal data of any bank or online websites can be traced back to an employee and hacker provides a large number of traffic signals to block banking servers (Al, et al., 2016).  The main problem of any banking sector is that they are not using proper database system and security plans.

NAB is suffering from various kinds of security threats and cyber-attack by which they can lose their value in the market (Al, et al., 2016).  Information and communication technology produced many security plans and steps by which NAB can secure their personal accounts and information’s which are following

• Use password-based systems and adopts biometric recognition resources
• ADD an SSL certificate into their website by which they can control security issues
• Use back plans and recovery process like cloud computing
• Monitor and control their personal servers by antiviruses and firewall
• Communicate with their customers by fraud alert process
• Use a one-time password system to secure human personal accounts
• Block unauthorized access
• Update computer and mobile software on a regular basis
• Scanning banking computers and servers by using antivirus software
• Use Short message service
• Use Device identification technologies
• Browser protection (Al, et al., 2016).

Conclusion

National Australian bank is a type of banking sector which provide banking services and financial series to customers. There are many potential threats occur in NAB websites such as DDOS attack, malicious attack, sniffer, and insides attack which are described in this report. Many information and technology organization are developed their security policies to control and reduce security problems in the field of mobile banking which are evaluated in this report. It is observed that many NAB users use a simple password-based system which can be easily broken and hackers can enter into their personal accounts. Therefore, NAB should adopt security plans and use firewall software to control cyber-crimes and threats.

References

Abomhara, M. and Køien, G.M., (2015) Cybersecurity and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security, 4(1), pp.65-88.

Al, A., Anjariny, A.H., Habib, S.A. and Nyakwende, E., (2016) Cyberterrorism taxonomies: Definition, targets, patterns, risk factors, and mitigation strategies. International Journal of Cyber Warfare and Terrorism (IJCWT), 6(1), pp.1-12.

Awan, J.H., Memon, S., Khan, R.A., Noonari, A.Q., Hussain, Z. and Usman, M., (2017) Security strategies to overcome cyber measures, factors and barriers. Eng. Sci. Technol. Int. Res. J, 1(1), pp.51-58.

Banks, N.C., Paini, D.R., Bayliss, K.L. and Hodda, M., (2015) the role of global trade and transport network topology in the human?mediated dispersal of alien species. Ecology Letters, 18(2), pp.188-199.

Cordell, D. and White, S., (2015) Tracking phosphorus security: indicators of phosphorus vulnerability in the global food system. Food Security, 7(2), pp.337-350.

Imgraben, J., Engelbrecht, A. and Choo, K.K.R., (2014) always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users. Behaviour & Information Technology, 33(12), pp.1347-1360.

Islam, S., (2014) Systematic literature review: Security challenges of mobile banking and payments system. International Journal of u-and e-Service, Science and Technology, 7(6), pp.107-116.

Keogh, K., Gordon, C. and Marinovic, P., (2018) Cybersecurity: Global developments in cybersecurity law: is Australia keeping pace?. LSJ: Law Society of NSW Journal, 2(42), p.82.

Khrais, L.T., (2015) Highlighting the vulnerabilities of the online banking system. The Journal of Internet Banking and Commerce, 20(3), p. 4.

Schäfer, M.S., Scheffran, J. and Penniket, L., (2016) Securitization of media reporting on climate change? A cross-national analysis in nine countries. Security Dialogue, 47(1), pp.76-96.

Seo, S.H., Gupta, A., Sallam, A.M., Bertino, E. and Yim, K., (2014) Detecting mobile malware threats to homeland security through static analysis. Journal of Network and Computer Applications, 38(2), pp.43-53.

Shackelford, S.J., (2016) Protecting intellectual property and privacy in the digital age: The use of national cybersecurity strategies to mitigate cyber risk. Chap. L. Rev., 19(6), p.445.

Shafqat, N. and Masood, A., (2016) Comparative analysis of various national cybersecurity strategies. International Journal of Computer Science and Information Security, 14(1), p.129.

White, J., (2016) Cyber Threats and Cyber Security: National Security Issues, Policy and Strategies. Global Security Studies, 7(4), p. 14