Azerbaijani Banks Cyber Security Review
Deloitte’s Baku Cyber team is pleased to present its first cybersecurity review. We chose 26 banks in Azerbaijan as the review targets. Within the review we studied their publicly available web resources in the Internet. The following set of criteria was used for cybersecurity assessment: Availability, Domain reputation, HTTP Headers security settings, TLS and SSL security, e-mail leaks, Open ports, Cybersquatting and Private data security compliance based of GDPR requirments.
The review results revealed that some banks in Azerbaijan do not apply all cybersecurity standards and practices. The study noted various findings, starting from weak security settings or usage of vulnerable encryption protocols on webservers through the lack of user awareness in cyber security matters. The report highlights all the identified issues and contains recommendations on the possible ways of addressing them.
In the review we did not assess criticality level of our findings. However, our global experience depicts that there is no minor risk in Cyber. Hackers and criminal groups continuously try to compromise organizations cybersecurity and utilize any vulnerabilities they able to find. With the purpose to address this challenge, Deloitte as a leading consulting company, promotes key principle - Cyber Everywhere.
Please do not hesitate to contact us if you have any issues or comments regarding the report.