Pub. 2 2021 Issue 3

15 ISSUE 3 | 2021 • Cloud-Based Attacks: Many organizations are migrating more of their infrastructure to the cloud, prompting cybercriminals to shift more of their efforts to cloud-based attacks. Institutions must ensure their cloud infrastructure is securely configured to prevent harmful breaches. Strengthening Security for Your Institution Financial institutions should consider the following strategies to protect their networks and customers while strengthening their cybersecurity posture. • Create Stronger Passwords: Institutions should enforce stronger password requirements for employees and customers to prevent unauthorized account access. Many organizations previously recommended 8-character, frequently changed passwords, but current best practices dictate using passwords consisting of 14-characters or more and changing them once per year or as needed. • Utilize Multi-Factor Authentication (MFA): True MFA — not just double passwords — should be used whenever possible. With MFA, multiple authentication factors are required to verify a user’s identity. This verification strengthens resiliency and prevents fraudsters from accessing an account solely by obtaining or cracking a password. • Enhance Employee Education: Your institution should enhance employee and customer education efforts. Instead of one annual training, provide frequent information that Tyler Leet serves as director of Risk and Compliance Services for CSI’s Regulatory Compliance Group. delivers both basic security principles and news about timely issues. Focus trainings are also recommended based upon an employee’s responsibilities and access rights. Employee education will also reinforce proper online conduct and normalize communicating with IT after encountering a potentially malicious link or other risk. • Secure Internet Access: It is critical to ensure proper network security for employee VPNs and their home networks. Encourage employees to use high-quality routers with strong network passwords, run current security protocols, and install up-to-date virus and malware protection on personal and corporate devices. Your institution should also review your policies for VPN access and removal, acceptable use of business devices, and any other relevant corporate policies. Facing Future Cyber Threats As your institution navigates this new landscape, ensure the proper security controls are in place to enhance your risk mitigation and stay one step ahead of emerging cyber threats.  May 145 years First National Bank of Hutchinson Hutchinson 135 years Citizens Bank of Kansas Kingman 132 years State Bank of Bern Bern 129 years Kendall State Bank Valley Falls 126 years State Bank of Canton Canton 121 years Citizens State Bank & Trust Co. Ellsworth 120 years Bison State Bank Bison 120 years Union State Bank Uniontown 116 years Kanza Bank Kingman 98 years First National Bank Hope 31 years The Trust Company of Kansas Wichita June 124 years Peoples State Bank Manhattan 120 years Union State Bank Clay Center 119 years KansasLand Bank Quinter 112 years Farmers State Bank McPherson 110 years Astra Bank - Scandia Scandia ANNIVERSARIES