Pub. 8 2020 Issue 1

ISSUE 1. 2020 17 BANKING SECURITY AND CULTURE Security Services Inc 801.489.9600 securityservicesutah.com • Video Surveillance • Electronic Alarm Systems • Vault and Safe • Locks • Access Control • Under Counter Steel • Pneumatic Drive Up Equipment • Deal Drawers • Home Theater Audio/Visual Sound Systems • Networking/ Structured Wiring A s of October 2019, IBM estimated that the average total cost of a global data breach is now $3.92 million. If you consider just the U.S., it’s $8.19 million with an average number of records per breach of 25,575. Cy- berattacks are also becoming increasingly frequent. According to the University of Maryland in 2018, cyberattacks take place every 39 seconds. What can you do to protect your bank? • Get a state-of-the-art security system. • Build a culture of security. The first step toward a security-oriented culture occurs at the very top of the organization. Integrating a security system into the bank’s business processes is expensive, so you need the support of key decision-makers. You can gain their support by presenting your case in terms of financial risks. If a security problem takes down a server for two hours, the cost of that time is the number of employees who were affected mul- tiplied by their hourly wage. According to the PayScale website, the average salary at U.S. banks is $69,000 annually. That is more than $33 per hour. If 50 employees earning $33 per hour were affected, the bank lost more than $1,650. Evaluate each job role at the bank in terms of bank security. When changes need to be made to current systems, complete a security review before making changes to any current systems, and resolve any issues before implementation. Be sure to main- tain any changes after implementation. To create a security culture, communicate about it to all em- ployees and then train them on an on-going basis. Train new employees, including senior management and security person- nel, and also provide refresher courses. During performance evaluations, set aside time to evaluate each employee’s role in maintaining security. Use email messages, posters and presenta- tions. Also, include incentives for adopting new programs. Why is it so important to get everyone involved? One person is enough to scuttle an entire program. Connect people to the process, encourage them to maintain security, and battle the tendency within the bank to ignore safety efforts because of self-interest or isolation. To implement the new program, appoint a cross-functional task force that includes key stakeholders. Include experts in the following areas: • Compliance • Current laws • Information technology and operations • Security The task force can: • Provide advice and implement changes that will meet the organization’s security needs. • Monitor the existing systems and correct violations. If you build a security culture that minimizes financial losses, it will help your bank be as safe and trustworthy as possible. n