Azerbaijani Banks Cyber Security Review
BAKU, Azerbaijan, Jan. 8
Deloitte’s Baku Cyber team is pleased to present it first cybersecurity review. We chose 26 banks in Azerbaijan as the review targets. Within the review we studied their publicly available web resources in the Internet. The following set of criteria was used for cybersecurity assessment: Availability, Domain reputation, HTTP Headers security settings, TLS and SSL security, e-mail leaks, Open ports, Cybersquatting and Private data security compliance based of GDPR requirements.
The review results revealed that some banks in Azerbaijan do not apply all cybersecurity standards and practices. The study noted various findings, starting from weak security settings or usage of vulnerable encryption protocols on webservers through the lack of user awareness in cyber security matters. The report highlights all the identified issues and contains recommendations on the possible ways of addressing them.
In the review we did not assess criticality level of our findings. However, our global experience depicts that there is no minor risk in Cyber. Hackers and criminal groups continuously try to compromise organizations cybersecurity and utilize any vulnerabilities they able to find. With the purpose to address this challenge, Deloitte as a leading consulting company, promotes key principle - Cyber Everywhere.
The full report is available through the link: https://www2.deloitte.com/az/en/pages/risk/articles/azerbaijani-banks-cyber-security.html
Please do not hesitate to contact us if you have any issues or comments regarding the report.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities (collectively, the “Deloitte organization”). DTTL (also referred to as “Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.
Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax and related services. Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organization”) serves four out of five Fortune Global 500® companies. Learn how Deloitte’s more than 330,000 people make an impact that matters at www.deloitte.com.