20 FIVE STRATEGIES FOR STRENGTHENING YOUR BANK’S CYBERSECURITY POSTURE By Steve Sanders, CSI In its seventh annual survey, CSI asked banking executives from across the nation about their top strategies and priorities for 2022. The results were used to inform the 2022 Banking Priorities Executive Report, which details the challenges and opportunities in today’s financial landscape. When asked about the one issue that will most affect the financial industry in 2022, it’s no surprise that cybersecurity (26%) outranked the other two leading issues – recruiting/ retaining employees (21%) and regulatory change (14%). What Did Bankers Identify as the Top Cybersecurity Threats for 2022? According to the 2022 results, an overwhelming majority of bankers view employee-targeted phishing (57%) as the top cybersecurity threat, with customer-targeted phishing (51%) following closely. Often the result of social engineering schemes, 48% of bankers worry about the threat of ransomware. As cybercriminals enhance their tactics to continue targeting data-rich institutions, this concern is well-founded. Ransomware is a type of malware that locks out the authorized user once installed and encrypts the available data to hold for ransom, posing an operational and reputational risk. Incidents of ransomware have risen, with the global attack volume skyrocketing by more than 150% for the first half of 2021 compared to the previous year. The current geopolitical climate, greater reliance on digital channels and increased turnover in a variety of industries have created an environment ripe for vulnerabilities. And cybercriminals are wasting no time exploiting the weaknesses and vulnerabilities of systems to launch sophisticated attacks. Unfortunately, the availability and automated nature of modern ransomware allows an attack to be initiated with limited upfront costs and maintenance from criminals. Since ransomware attacks pose little risk to the hacker, provide a quick payout for criminals and are carried out relatively easily and anonymously, institutions should remain on high alert to identify and combat these threats. How to Strengthen Your Bank’s Cybersecurity Posture As incidents of ransomware and other attacks increase in frequency and sophistication, consider the following strategies to enhance your bank’s cybersecurity posture: • Prioritize Cybersecurity Training: With 41% of bankers emphasizing employee/board cybersecurity training, most understand that the “people factor” represents an institution’s biggest potential weakness. To create a cybersecurity-focused culture, ensure employees are familiar with the latest threats and know how to identify the warning signs. If employees fail social engineering tests, revisit your strategy to provide real examples of phishing as well as incentives for employees to do their part. • Raise Customer Awareness: Only 18% of bankers identified customer cybersecurity training as a top tactic in 2022, but it’s important to remember that banks benefit significantly from an informed customer base. Since customers, especially those newest to digital banking, are another component of the “people factor,” institutions must ensure they reinforce
RkJQdWJsaXNoZXIy ODQxMjUw