With words like “trust” and “security” ranking among the top reasons people ultimately choose to do business with a financial institution, today’s banks are now in a circumstance that requires them to be ever-vigilant with their cyber security practices.
The cyber security landscape of today seems to be continually worsening. Hackers are finding new ways to breach secure networks and gain access to customer information. Instead of playing the game one-sided, hackers are also targeting individual consumers – customers of your bank – in order to plant tools that will help them gain access to your network.
In fact, American Banker reports that the number one way banks are attacked by cyber criminals is through their web-based applications (48% of data breaches). Malware, for instance, is inserted into the bank’s website or mobile application screen and can collect personal information that your customers will readily hand over, since they are on the bank website to begin with.
Oftentimes, we envision cyber criminals as one person, sitting for countless hours behind a computer terminal, picking out individual businesses or consumers to target and hack their information. Therefore, much of the public perception around cyber security issues remains “the chances of it happening to me are small.”
In reality, cyber criminals are designing automated tools to do their hacking for them. This allows their targets to widen exponentially, opening up business of all sizes and all consumers to the threat of cyber security attacks and attacks on their information. After the code, or malware, is deployed, all a cyber criminal must do is sit and wait for the information to roll into their databases.
How to Respond
In response to this, there are three areas that your organization can focus on to lessen the chances of cyber security attacks from both internal employees and your customers. This not only helps your organization better prepare, but can help lessen your liability in cyber security preparedness.
- Awareness of threats. The first step in engaging internal and external customers in cyber security threats is to first generate the awareness of threats to your organization. As mentioned above, many people believe the odds of attacks happening to them or their business are small because they do not understand how cyber attacks work. Providing resources about cyber threats helps move customers from the awareness stage into the consideration and action stages of cyber security.
- Educate your employees. A rigorous, structured internal training program is a much needed step to organize your employees around the dangers of cyber security threats. Many organizations focus on once or twice yearly stress tests with their employees to check the aptitude of the staff and then retroactively point out errors made. Devising a proactive system of education for your employees will help in the year-round effort to combat cyber attacks.
- Educate your customers. Similar to the idea that your employees must be trained, your customers must also be educated about ways to avoid exposure to cyber security threats and identity theft. Providing content and resources for customers to access and learn about ways to avoid threats will help reduce your external threat factors and liability from this group.
Enhance your internal and external cyber security. Enroll in Truebridge’s new Cyber Security Tips feed by filling out the form below.
American Banker, “Where Banks Are Most Vulnerable to Cyber Attacks Now,” April 25, 2016