Businesses within the financial industry are among the safest and most secure companies in the world. They must be, because they house and protect their clients’ most valuable assets. While physical bank robberies continue to decline, the financial industry has become the #1 target for cybercrime. Criminals would rather use ransomware than a weapon, and for good reason. According to Forbes, half of all businesses will pay a ransom, with the average cost being nearly $112,000. That does not include the financial and business losses from the downtime caused by a ransomware or cyberattack, which lasts about two weeks on average. For most banks and financial institutions, cybersecurity is already top of mind, and rightly so: it is critical.
Here are three things a bank should ask when it comes to cybersecurity:
What do hackers want?
It may seem obvious that money is what most hackers want, but money is not the only thing hackers are after when targeting banks. As Flagstar Bank, a financial institution based in Michigan, learned, hackers also want data. When a ransomware attack hit Flagstar in Jan. 2021, the hackers stole Social Security numbers, names, and addresses of both employees and clients.
Banks sit on a treasure trove of client data, and bad actors know this. Unsurprisingly, the U.S. Securities and Exchange Commission issued a Ransomware Alert in July 2020 warning of the increased sophistication of ransomware attacks on SEC registrants. Protecting clients’ data should be a top priority for a bank, because stealing it is a top priority for hackers.
What are the concerns after a compromise?
Reputation Damage
When data does get compromised, there are several concerns banks need to keep in mind. The first is reputation. Clients trust banks to keep their assets and data safe. When a breach happens and is made public, it damages that trust. Missouri law mandates that in most cases, businesses must notify individuals if their data has been breached. Few things are as embarrassing to a company as telling customers that their data was stolen. Discretion is always desired in a compromise, but knowledge of the attack will almost always become public, usually because the hackers will post the information on the internet.
Government Fines
The second concern banks should be aware of after a breach is potential fines. In recent years, the Federal Trade Commission has heavily penalized financial institutions that allowed a breach to happen because they lacked proper cybersecurity protection. The most notable example of this was when Equifax paid an estimated $575 million as part of a settlement for its 2017 breach. Compounding the costs of the breach itself with potential fines and reputation damage can be devastating for any business, especially banks.
Cybersecurity Insurance
The final concern should be cybersecurity insurance, and every bank should have a cybersecurity insurance policy. These policies are crucial in the event of a breach. But many insurers are increasing the requirements that companies and organizations must meet to qualify for coverage. These requirements are typically based on having a certain level of security and protections in place to prevent a breach. Every bank should check its cyber insurance policy to ensure it has proper coverage and is meeting the security requirements under the policy, so it is not left in the dark in the event of a compromise.
Where do cyber threats come from?
Banks also need to understand where threats are coming from so that they can adequately guard against them. Despite hacker stereotypes, most data breaches come from internal threats and human error. An employee might click a bad link in a phishing scam or accidentally download sensitive data. Hackers love to target employees by using tricks and information they know will fool someone into clicking a link or providing login credentials. This process is called social engineering. Hackers can learn a lot about someone, usually from the data they have stolen from someone else, and use that information to make highly personalized messages that seem genuine. All it takes is a smart and timely actor to send an email that mimics a business partner at the height of a very important transaction to trick someone into wiring funds to the wrong account.
Another major source of breaches is third-party vendors. Like most organizations, almost every bank uses third-party vendors. And, like most organizations, banks do not always keep track of their third-party vendors and the level of access they have; a recent study by SecureLink found that 51% of organizations have experienced a breach by a third party.
That number is so high not only because of a lack of vendor vetting, but also because many companies, banks included, make the mistake of trusting vendors based solely on reputation or signed contracts. A legal contract does not necessarily mean the vendor is safe and secure. Furthermore, it does not always protect against liability in the event of a breach. Why is that important? New legislation is increasingly putting the responsibility on the company or organization that was breached, not the third-party vendor who caused the breach. Knowing who has access to your data, and the level of security those vendors have, is vital to keeping a bank secure.
Keeping Your Bank Cyber Secure
How does a bank keep itself and its clients protected from ongoing and increasing cyber threats? Several simple steps can be taken, such as:
- Regularly changing passwords
- Having a Cyber Incident Response Process and Policy
- Training employees on current security threats and best practices
- Establishing a process for vetting the security of vendors
But the most critical step is not to try to build a cybersecurity strategy alone. Having a Managed IT Services Provider should be a bank’s top investment. An MSP can deliver 24-hour comprehensive IT support and services, along with the peace of mind that banks need. A dedicated MSP can help build a proper cybersecurity strategy, manage threats, and assess weaknesses and vulnerabilities so a bank can focus on what is most important: serving its clients.
Greg Morse is the Marketing Coordinator of Stronghold Data, a 2021 ChannelFutures 501 and CRN 500 Managed Services Provider, located in Joplin, MO. Stronghold Data, a New Charter Technologies Company, specializes in managed IT services, data security and backup, and private cloud management. For more information, visit Strongholddata.com or call 417-427-7905 to speak with a representative today.