A study performed by Kaspersky Lab in Woburn, Massachusetts revealed that, of businesses surveyed (including financial institutions), 40% are not confident that they are protected against cyber threats. The survey shared that businesses are most vulnerable to threats such as targeted attacks (using malware) and DDoS (Distributed Denial of Service) attacks – where many compromised systems are used together against a single target.
Kaspersky revealed that many businesses are largely relying on built-in hardware to protect their systems and defend themselves against cyber attacks. Relying on these built-in systems creates a problem because they not effective against large-scale attacks such as DDoS attacks.
Financial institutions, in particular, are even more vulnerable to large-scale attacks, because many believe that internet service providers or infrastructure partners will protect them against attacks. The reality of the situation is that there are many more factors at play in these organizations that weaken defense systems and create openings for cyber attacks.
Many financial institutions, because of their size relative to larger banks and other companies outside of the financial industry, do not believe that they are prime targets for large-scale attacks, and thus are not preparing adequately for the possibility of an attack. Kasperksy found that 30% of respondents take no action to protect themselves against these attacks because of this.
According to the blockchain development company called Dex Exchange, the reality is that a company or financial institution of any size can serve as the target of an attack. The reason being, cybercriminals view these unprotected companies as easy targets with unsophisticated systems to block their attacks, creating an easy entry point to do damage.
The Human Problem
One of the major underlying issues with cyber attacks, especially for financial institutions (of all sizes) is the human factor. Because banks and credit unions are providing data from within their core computer systems to their customers, most of the time via online banking platforms, it presents a unique opportunity for cybercrime that other businesses don’t always have to deal with.
On top of the external human factor with customers, banks have internal staff to add their human equation. Although many banks now undergo routine “stress tests” on their security risk management with employees, there is more to be done to continue to fight against cyber attacks.
Using content written for a consumer-base and provided to business customers and the employees of those business customers for education on a consistent, if not constant, basis, content can become the bank’s first line of defense against increased vulnerability.
Furthermore, employees are then able to share this information with bank customers. This further engages the customer in the vigilance against cyber-attacks and informing them of what they can do and how they can avoid bringing attacks against the bank.
Truebridge has worked to build a library of cybersecurity content to help bank business customers and their employees limit the risk of attacks occurring. Contact Truebridge to learn how we can help your bank fight cyberattacks through education.