Importance of Forensics-driven Cybersecurity in the Payments Industry

Share on

Dharshan Shanthamurthy
Founder & CEO

The payments industry has witnessed an exponential growth in the last decade, improving the convenience and experience of users and at the same time bringing about wider financial inclusion. In particular, the growth of digital payments space has been accelerated by innovation, increasing consumer acceptance and a favourable regulatory environment. According to industry estimates, the global digital payments market size was valued at $81.03 billion in 2022 and is expected to expand at a CAGR of 20.8% from 2023 to 2030.

The post-Covid shift in consumer behaviour with a default preference for contactless payments, unparalleled need for next-gen payment methods, increased focus on nimble payment solutions for B2B and SMB segments and the rising competition among payments providers have taken the payments industry by storm. Some of the key emerging trends and drivers that are expected to dominate the digital payments landscape include:

  • The adoption of innovative technologies to enhance digital payment security will be a key force. Technologies such as 3D Secure 2.0, tokenization, encryption and biometric authentication are expected to play a pivotal role in securing the digital payments value chain and ecosystem.
  • Payments 4.X, where payments are embedded and invisible, will see an accelerated growth as an enabling function to provide frictionless customer experience. This would require banks and payments service providers (PSPs) to improve their tech infrastructure especially data, shared infrastructure, platform capabilities and embedded finance.
  • More businesses will remodel their operating models to Payments-as-a-Service utilizing open APIs enabling them to offer scalable, flexible and seamless payments processing capabilities.
  • If cash was king, now digital is divine. New form factors of digital money such as cards, SWIFT, Open Banking, NFC, QR codes, mobile wallets, crypto and CBDC will continue to evolve and drive adoption of real-time payments.
  • Payments industry has attracted fortune 100 companies including the likes of Apple, Google other than the legacy players like banks and card networks that makes this space highly competitive with winners take-it-all approach. Industry consolidation and intensifying competition will be a key driver as the space matures, leaving the battleground open to Big Techs, Paytechs, telecom operators and incumbent players.

With technological advancements and breakthrough innovations comes the need for security. Cybersecurity is the backbone of digital money. With the increasing number of cyberattacks and data breaches, it’s more important than ever to ensure that payment systems are secure and user data is protected. About 90% of banks’ useful customer data comes from payments making them the prime targets of data breaches and hacks. Due to the importance and risks of sensitive customer data, organizations in the payments industry come under intense regulatory oversight. Willie Sutton, the famous American bank robber who stole an estimated $2 million during his forty-year robbery career was asked why he robs banks to which he famously replied, ‘that is where the money is’. His statement holds true for the modern-day payments industry. Today, this space attracts all kinds of fraudsters from sophisticated cyber-criminal gangs to malicious insiders who know the environment.

In the recent past, digital transactions have witnessed increasing instances of online fraud, identity theft, data breaches, malware and account takeovers. Recent incidents such as the Medibank ransomware attack in Australia, data breach at a large-scale payments processor in Malaysia, phishing attack on the UK’s digital bank Revolut, data hack at the crypto exchange FTX, and the DDoS attack on Russia’s Sberbank among others are growing evidence that point to the real threat of cyberattacks to digital payments. Besides, the recent payment data leak by AI chatbot ChatGPT caused by an open-source bug, places greater onus and accountability on the boards of companies for ensuring data security.

Cybersecurity becomes an existential requirement rather than a good-to-have proposition and organizations across the board must adopt a strategic approach. With remote working, increased digital transformation, and rapid take-off of AI, Robotics, 5G etc., organizations are disrupting their operational environments leading to an expanded attack surface. Recessionary business environment has tightened budgets of organizations leading to getting more done from less in cybersecurity. Then there is the human element – the weakest link and a leading factor in 82% of data breaches. Breaches are going to increase in sophistication and frequency, and some organizations are going to struggle to respond or contain them causing widespread damage to business and reputation. It is therefore imperative that organizations spend adequate time understanding the “why” of breaches and invest in implementing right security controls.

Organizations that are going to subscribe to the magic box syndrome are going to fall prey to cyberattacks as false sense of security is more dangerous than knowing that one has weak security. SISA’s belief in Forensics-driven cybersecurity, is one such way to understanding the reasons behind breaches and converting them into cybersecurity solutions. Using a 4D approach that involves Deciphering, Deconstructing, Developing, and Disseminating essential information, SISA’s forensics-driven approach to cybersecurity helps organizations strengthen their security posture through enhanced use cases for data protection and threat hunting and improved preventive, detective and recovery controls. By implementing these learnings-based controls, organizations, especially those in highly regulated sectors such as payments and financial services can effectively prepare for and defend against the evolving threats.


Importance of forensics-driven cybersecurity in the payments industry


In an increasingly data-driven world, organizations must harness the power of their data while maintaining robust information security. Data discovery, a crucial aspect of data management, can help organizations uncover valuable insights while simultaneously ensuring data protection and compliance. This blog post will discuss why organizations should consider data discovery from an information security perspective and provide a comprehensive approach to successfully implement it.

Data Discovery as a key tool for Information Security

Data discovery is a critical component of an organization’s information security strategy. It involves the identification and classification of all data within an organization’s infrastructure, including sensitive data, and is essential for developing effective security controls. Without data discovery, an organization may not be aware of all the data it possesses, where it is located, or who has access to it, leaving them vulnerable to data breaches and other cyber threats. Data discovery enables an organization to gain greater visibility into its data, implement appropriate security measures, comply with data privacy regulations and maintain the trust of their customers. From an information security standpoint, there are several reasons why organizations should consider data discovery:

1. Identify sensitive data:

Data discovery allows organizations to locate and classify sensitive data, such as personally identifiable information (PII), intellectual property, or financial data. Understanding where sensitive data resides is essential for implementing appropriate security measures and complying with data protection regulations like GDPR and CCPA.

2. Enhance access control:

By understanding the nature and location of critical data, organizations can establish role-based access controls and implement the principle of least privilege. Data discovery helps ensure that only authorized personnel have access to sensitive information, reducing the risk of unauthorized access and data breaches.

3. Monitor and audit data usage:

Data discovery tools can help organizations monitor and audit data usage, ensuring compliance with regulatory requirements and internal policies. By tracking data access and usage patterns, organizations can identify anomalies, such as unauthorized access or data exfiltration, and take prompt action to prevent potential breaches.

4. Improve data governance

Implementing data discovery allows organizations to establish a strong data governance framework. This framework includes policies, procedures, and controls to manage data usage, ensure data quality, and maintain data security throughout its lifecycle. Besides, data discovery can help organizations streamline their data management processes by eliminating unnecessary data and reducing the risk of data duplication or inconsistency.

Data Discovery for a strategic approach to Information Security

1. Develop a clear data discovery strategy:

Before embarking on data discovery, organizations should develop a clear strategy that outlines the goals, scope, and objectives of the initiative. This strategy should prioritize data security and compliance, ensuring that data discovery efforts align with the organization’s overall information security program.

2. Choose the right tools:

Select data discovery tools that cater to your organization’s specific needs and are capable of addressing information security concerns. Look for tools with features such as data classification, data lineage, and access control capabilities to enhance your data security posture.

3. Create a cross-functional team:

Establish a cross-functional team with members from data management, information security, and relevant business units. This collaborative approach ensures that data discovery efforts take into account diverse perspectives and maintain a strong focus on information security.

4. Implement data classification and labeling:

Use data discovery tools to classify and label sensitive data according to predefined categories and risk levels. This information can then be used to implement appropriate security controls and data handling procedures.

5. Monitor and audit regularly:

Continuously monitor and audit data access, usage, and security controls to ensure ongoing compliance with regulatory requirements and internal policies. Regularly review and update your data discovery strategy to address evolving security threats and business needs.


Data discovery offers a wealth of benefits, from uncovering hidden insights to driving innovation. However, organizations must also prioritize information security in their data discovery efforts. By developing a clear strategy, choosing the right tools, and fostering collaboration, organizations can unlock the full potential of their data while maintaining a robust information security posture. Results from the data discovery process should help organizations address their information vulnerabilities with thorough details, customized reports, data categorization, and risk assessments that can be used to design improvements and remediation action plans.

Exclusive Insights

SISA’s Latest
close slider