Deloitte conducts its second cybersecurity analysis of Kazakhstan commercial banks

Deloitte Caspian Region recently performed its annual analysis of the cybersecurity in commercial banks in Kazakhstan. However, this year, the analysis was expanded to cover banks in Azerbaijan and Uzbekistan, allowing it to compare and contrast data, to give a fully picture of maturity levels across the region. The details in the report are non-specific and do not mention specific banks, and only provide aggregate information.

The analysis was carried out using commercial bank public websites and mobile applications, as well a set of open online tools such as Google PageSpeed, SSLLabs, Talos Intellegence, Trusted Source, Haveibeenpwned and others. In addition to the banks’ main internet websites, the analysis looked into portals used by corporate and retail clients. All in all, a total of 47 web addresses were analysed.

General findings showed that the banks involved improved the security around their internet resources in the last year, and also that the general level of security of Kazakhstan banks is higher than banks in Azerbaijan and Uzbekistan. Kazakhstan banks returned better or comparable (±2%) results in seven of the 10 analysis areas, which included website access, domain reputation, HTTP title security, traffic security, mail server security, mobile application security, email address leaks, Java-programme vulnerability, open ports and how personal data requirements are met.

You can find more details on the analysis on the official Deloitte Caspian Region website here