Banks and financial institutions in Vietnam advised to focus on their clients’ information security

20 March 2008, Hanoi - PwC advises banks and financial institutions to protect themselves from security risks. The banking industry should focus on information security to eliminate the possibility of significant damage to their clients’ information.

“The success of a bank or financial institution rests on its credibility and reputation, and security threats from cyberspace pose great challenges to both,” said Ms. Vilaiporn Taweelapontong, a director at PricewaterhouseCoopers Mekong who spoke yesterday at the Security World 2008 conference in Hanoi.

Security dangers can destabilise banking networks and may do harm to customers’ personal information. Banks and financial institutions should be aware that gaps in information security could quickly ruin their credibility and reputation. The banking industry should also realise that client security and confidentiality is both a fundamental principle and key factor of the banking industry.

Ms. Taweelapontong, who has spent a number of years working in the Security and Privacy Practice of PricewaterhouseCoopers New York where she has served many large multinational companies, suggests that banks and financial institutions perform penetration tests, which prove the effectiveness of information system security, in order to maintain a high security standard and protect customer information.

“Banks and other financial institutions need to perform various penetration tests in the process of identifying and actively exploiting vulnerabilities in an information technology environment. The objectives of the tests are to simulate attacks from real-life scenarios to uncover weaknesses in the systems, to determine how vulnerable your bank is to the latest hacking trends, to determine how well security policies have been implemented and to increase security awareness,” she added.

Ms. Taweelapontong has helped many companies in the USA and Asia design enterprise-wide information security architecture and implement technologies to support compliance and risk management. She was a speaker at the Security World 2008 conference in Hanoi on 19 March which focused on Strengthening Security Awareness and Deploying Network Security. The Security World Conference sessions were conducted by many network information security professionals who discussed the current status and trends of data security in the Asia-Pacific region, and their impact on Vietnam.