Is Your Bank Experiencing These 4 Pains? Get a Content Management System
Providing your customers and potential prospects with a great website experience is crucial in...
Are you worried about protecting your community bank against cyberattacks? If so, no wonder—cyberattacks against banks increased by 238% in just two months of 2020, according to Cybertalk (https://www.cybertalk.org/2020/08/11/is-it-fiscally-responsible-for-financial-institutions-to-spend-a-small-fortune-on-cyber-security).
It’s no surprise that the costs of cybercrime prevention are increasing along with the risks. As of 2019, the annual cost of bank cybersecurity had surpassed 10% of the overall IT budget, equivalent to $2,300 per employee (https://www2.deloitte.com/de/de/pages/risk/topics/cyber-risk.html).
In this climate, community banks face two major disadvantages against big banks: (1) the expense of cybersecurity is harder to bear, and (2) a security breach destroys trust, sending customers to competitors. So what can you do to protect yourself from cybercrime without breaking the bank?
High-tech anti-cybercrime tools such as AI and analytics tools abound, of course, but they’re expensive. The good news is that you may not need to spend a lot of money on high-tech solutions designed specifically for cybersecurity. According to an article in the Wall Street Journal, “Bigger cybersecurity budgets aren’t always better, and often lead to waste, said David Stender, chief security officer at M&T Bank, which has assets of about $119 billion.” Stender added that what you need is “cost-effective security, not security at any cost.” In other words, be cautious about overspending on cybersecurity tools and focus instead on security hygiene. (https://www.wsj.com/articles/m-t-bank-security-chief-avoid-ai-and-other-shiny-objects-1531946434)
What is security hygiene? Basically, it’s the simple, inexpensive practices you can—and should—implement at your community bank, including regularly updating software, consistently backing up data, and educating all employees on password management and social engineering risks like phishing.
Most banks do cybersecurity awareness training, but many smaller banks may not, said Steven D’Alfonso, a research director at IDC Financial Insights who focuses on compliance, fraud, and risk analytics strategies. “They really should spend time on phishing tests and teaching people how to spot bad links,” he advised. (https://biztechmagazine.com/article/2018/11/where-should-smaller-banks-focus-cybersecurity-efforts)
A quick Google search will find an overwhelming list of cybersecurity resources. The U.S. Government even offers resources on the FDIC website that include videos for bank directors (https://www.fdic.gov/regulations/resources/cybersecurity/). You’ll also find a variety of checklists intended to help you ensure you’re doing all the right things. Some of these lists can be long and intimidating, but for a quick overview of a few important cybersecurity hygiene steps you can take, read on.
Your risk of being a victim of cyberattacks increases as remote and mobile banking become more and more common. Even if you do decide to invest in AI or other high-tech security tools, you can’t neglect security hygiene. A few inexpensive strategies can go far toward defending your community bank against cybercrime. Don’t underestimate the human element. Social engineering depends on the cooperation of people who receive it. Educating your employees is like arming your troops to be an important first line of defense when fraudsters attack.