Ethical Cyber Practices for Banks and Businesses

People using a laptop

Overview

The Project on Responsible Digital Leadership (Responsible Tech), at Stanford University’s Center for Human Rights and Justice, looks at tech-related dilemmas in business. The project seeks to set in motion a global, culturally-conscience, and ethically-minded emerging workforce that has the potential to influence responsible technological innovation worldwide for generations to come.

As digital banking and business practices rise across the globe, so does the need to improve cyber awareness and ethical responses to ransomware attacks. In collaboration with the RMIT's Cloud Innovation Centre, powered by Amazon Web Services (AWS), Responsible Tech set out to explore and analyse the many risks and ethical dilemmas related to the use of new technologies in banking and insurance, and the best ways to respond to these dilemmas.

In July 2021, a diverse student team worked with AWS's innovation methodologies in a CIC Innovation Challenge to look at ways to help financial institutions become aware of these risks and dilemmas and understand how to tackle them in an ethical way.

Problem

As we see an increased use of AI (Artificial Intelligence) and technologies in banking and finance, there is a growing need to analyse and mitigate the ethical risks associated with this. We need to define the risks that may come from technology usage in order to secure the future of the financial sector from ethical issues associated with data use and AI.

Finance and banking institutions, such as Fintech companies and Neo Banks are predicted to incur ransomware costs of $20 billion in 2021 (Cybersecurity Ventures). With an increase in working from home alongside other impacts of the COVID-19 crisis, ransomware attacks have increased by nearly 500 per cent since the start of the pandemic (The Conversation).

The CIC Team, along with the Responsible Tech project team wanted to take on the challenge of not only helping these businesses and banks respond to cyber-attacks, but ensure they know how to do so in ethical ways.

The student team was presented with the problem statement:

"How might we ensure a bank or business response to ransomware is made using ethical principles?"

Approach

Students participated in an intense Working Backwards Workshop led by Catherine Eibner, Head of Cloud Innovation from the AWS team, to identify and understand the customer's needs and the problem they are facing. By taking part in this workshop, students were able to understand the situations in which banks and businesses are most vulnerable to ransomware attacks, and why solutions to mitigate these risks have to be ethically efficient.

The team used several innovation activities to expand their thinking and develop ideas, which were then channelled towards producing two artefacts – a mock Press Release and Frequently Asked Questions document. Both artefacts helped the students understand in great depth both who their customer is, the reality of walking in that customer’s shoes, and why a solution to this problem is necessary.

After completing the Working Backwards process and developing a refined understanding of the problem space, Team Diversity decided to reframe their problem statement to –

“How might we encourage ethical cybercrime principles, for bank and business employees, so that ransomware attacks are handled responsibly”

before moving into solution mode to develop their ideas from paper to prototype.

Outcome

Team Diversity:

The team developed a solution called Shield CyberGames and ShieldSet, a web-based set of gamified training modules that teaches users about cyber-attacks, preventative measures, and response techniques. Designed for users of all levels of cyber security knowledge, Shield CyberGames places the user in a simulated cyber-attack based on a real-life situation, and guides them to learn ethical cyber security measures. Using experiential and adaptive learning, the games are designed to test the user for existing knowledge and place them into the attack simulation that best suits their existing skillset. Upon completing the game, the user is directed to the appropriate learning modules designed to advance their skillset. Security executives can track employee performance to assess overall workplace competency.

Supporting Artifacts Created by the Students

About the RMIT CIC

The RMIT Cyber Ready CIC is a collaboration between RMIT and Amazon Web Services (AWS) and forms part of a growing global network of Cloud Innovation Centres (CICs) designed to address public sector challenges through digital innovation.

The CIC is based at RMIT's home of innovation and entrepreneurship, Activator, and draws from experts across various fields, including RMIT's Blockchain Innovation Hub, Health Transformation Lab and RMIT Online – giving partners access to the best innovative thinkers and brightest young minds from across the University.

AWS' cloud technology backs the CIC and expertise in machine learning, high-performance computing and data analytics, ensuring prototypes are equipped to deliver practical solutions using cutting edge tools and Technology.

About Challenge Sponsor

The DxHub team leads public sector organizations through innovation and solution workshops structured to generate big ideas and impactful solutions. Through product development sprints and customer validation testing, the team creates a ‘lean prototype’ that brings the solution to life.  

One of their projects- Responsible Technology aims to enable companies everywhere to use technology and data responsibly to build trust in ways that will protect the interests, privacy and rights of those whose data is being collected and used, and are mindful of impact and to provide flexibility required to comply with local regulations, laws and cultural expectations. Drive rather than constrain, innovation that benefits individuals, businesses, society, and future generations so that adoption of responsible digital leadership models, principles and practices is seen as a must do – rather than a nice to do.

Thanks goes to  our Challenge Sponsors:

Søren Juul Jørgensen – Fellow, Center for Human Rights and International Justice, Stanford University

Eskil Olav Anderson – Doctoral Student, Responsible Digital Leadership Project, Stanford University

Elise St. John – Researcher & Academic Strategist, Digital Transformation Hub, California Polytechnic State University

Cyber Ready CIC Team:

  • Matt Salier, Director, RMIT Cyber Ready Cloud Innovation Centre
  • Meg San Miguel, Program Delivery Lead, RMIT Cyber Ready Cloud Innovation Centre
  • Bobbie Couhbor, Senior Solutions Architect, Cloud Innovation Australia, New Zealand & Oceania, AWS
  • Catherine Eibner, Head of Cloud Innovation Australia, New Zealand & Oceania, AWS
  • Georgia Smith, Cloud Innovation Program Manager, Australia, New Zealand & Oceania, AWS
  • Nivetha Thandapani, Business Innovation Support Intern, RMIT Cyber Ready Cloud Innovation Centre
  • Zian Fernandes, Technical Innovation Support Intern, RMIT Cyber Ready Cloud Innovation Centre

Students:

Team Diversity:

  • Blake Frost
  • Gabriel Valentino
  • Jim Moriarty
  • Mohammed Kolothum Thodi
  • Raja Rajeswari Cheedhara

Become an industry sponsor

Engage in a fast-paced innovation sprint that sees multidiscplinary teams of students working on a real-life cyber security challenge faced by your organisation.

aboriginal flag
torres strait flag

Acknowledgement of Country

RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business - Artwork 'Luwaytini' by Mark Cleaver, Palawa.

aboriginal flag
torres strait flag

Acknowledgement of Country

RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business.