Issue 1 • 2022 21 ONE LAST THING ... Did you know that you can enjoy your association news anytime, anywhere? Scan the QR code or visit: new-mexico-bankers-digest.thenewslinkgroup.org Check it out! The new online article build-outs allow you to: • Stay up to date with the latest association news • Share your favorite articles to social channels • Email articles to friends or colleagues There is still a flipping book for those of you who prefer swiping and a downloadable PDF. the importance of good cyber hygiene through cybersecurity awareness programs, which could include videos and gamification. • Update Your Incident Response Plan (IRP): Institutions must consider all the operational, financial and reputational implications of being held hostage to ransomware. Your bank’s IRP should include planning for data and system backups, communication plans, business continuity plans if employees or customers are unable to access your systems and dealing with the attackers. You don’t want to confront those issues for the first time during a ransomware attack. With 23% of bankers reporting IRP testing as a top tactic to combat cyber threats, remember that maintaining a tested IRP puts your bank in a stronger position to withstand an attack. • Conduct Vendor Due Diligence: Even if your internal systems and employees are prepared for a cybersecurity attack, your bank is vulnerable if an external vendor does not adhere to the same defense standards. Appropriate cybersecurity due diligence and regular monitoring should be conducted on all thirdparty vendors, especially any external vendor who has access to your sensitive data or systems. This process is critical to mitigate risk of supply chain attacks, which have surged in the past year. • Implement Multi-Factor Authentication (MFA): Incorporate MFA into all applications where employees – or customers – must enter their credentials. With MFA, multiple authentication factors are required to verify a user’s identity, preventing unauthorized account access. This verification strengthens resiliency and provides an effective defense against the two largest threat vectors: social engineering and phishing. When confronted with this extra obstacle, many hackers will move to a less secure target. Maximize Protections with a Layered Approach to Cybersecurity As institutions navigate the changing cybersecurity landscape, embracing a layered approach to cybersecurity will maximize protections for your bank. Implementing multiple layers of security – including cybersecurity training and tools – makes it more difficult for cybercriminals to infiltrate your systems and keeps employees and customers secure. Download CSI’s 2022 Banking Priorities Executive Report for additional insight into bankers’ perceptions of cyber threats, technology, compliance and more. n Steve Sanders serves as CSI’s chief information security officer. In his role, Steve leads CSI’s information security vision, strategy and program and chairs the company’s Information Security Committee. He also oversees vulnerability monitoring and awareness programs as well as information security training. With over 15 years of experience focused on cybersecurity, information security and privacy, he employs his strong background in audit, information security and IT security to help board members and senior management gain command of cyber-risk oversight.
RkJQdWJsaXNoZXIy ODQxMjUw