API usage in financial services is already widely prevalent but understanding about the risks involved remains limited and interest in the topic is on the rise, according to cybersecurity firm Imperva.
The usage of application programming interfaces (API) in financial services is a mainstream matter today, be it for simple access to basic data or for use in open banking by allowing external developers to feed applications into a digital platform.
But despite widespread API adoption, some of the associated risks remain less known.
«One new thing that a lot of our customers are asking us […] is API security,» said George Lee, APAC managing director at cybersecurity firm Imperva, in a presentation attended by finews.asia. «That’s the big thing right now is understanding what the API does, as opposed to just using APIs.»
Financial Sector Risk
While cybersecurity risks exist in all industries, financial services consistently ranks at the top target and it accounts for the largest percentage of all attack attempted at 28 percent, according to a Imperva blog post.
The potential for large payouts and valuable data for use or resale in the sector are the most common reasons for these cyberattacks.
CloudVector Acquisition
To address such risks, Imperva acquired API security firm CloudVector in 2021.
«Initial phase was really to build data into cloud environment and one of our goals is to make it deployable anywhere,» Lee said, adding that the firm aims to soon manage deployment from a unified platform.
«Combined with an expanding surface area and novel exploits, all organizations need stronger API visibility and advanced protection,» added Imperva CEO Pam Murphy during the announcement of the acquisition.
Today, Imperva has 85 employees in Singapore and has just moved to a bigger office space in the city-state. The firm also has regional offices across Australia, China, India, Japan and Taiwan.