Cybersecurity in banking
In a survey of professionals sponsored by IT developer, GFI Software, 43% of participants felt that the major target of hackers and identity thieves would switch from retailers to banks in 2015. The growing complexity of cyber attacks presents a major threat to the US economy and the global financial network and brings attention to the critical importance of Cybersecurity in banking.
Contrary to the negligible consumer trust in telecom companies (1% of consumers), retailers (2%) and alternative payment providers such as PayPal (8%), 73% of consumers believe banks will keep their payments secure according to an American Bankers Association survey.
Although the implementation costs of new security programs will become more expensive with tighter regulation to insure bank solvency and consumer account protection, the security upgrades are particularly important at small and midsize banks.
When banks experience fraudulent activity half of them receive reimbursement less than a penny on the dollar for the money stolen from financial accounts and the millions of dollars paid out to replace customer debit and credit cards.
Banks have been proactive in deterring cyber crime by distributing payment cards containing electronic chips and establishing neural networks to detect unauthorized intrusions into the institution’s networks
Small banks often contract with outside vendors to run cyber security operations, a practice that increases risk by adding an extra layer and potential target for hackers.
When banks employ IT managers from outside their community they also risk degrading the being local label and the value that consumers assign to it.
The Cyber Security Framework developed by the National Institute of Standards and Technology and discussed in recent news articles provides a valuable resource for the Conference of State Bank Supervisors cyber security guide. The guide follows the five core functions of the Framework which are to identify internal and external risks; detect data breaches, system intrusion and unauthorized access; protect institutional systems, data and assets; respond to potential cyber security incidents and recover from events by re-establishing normal operations and services.
The bank guide also advises on risk mitigation for the 96 million customers adopting mobile banking by 2016. These security enhancements include six-character PINS, dual authentication for logging-in, automatic logout after 15 minutes of inactivity and denying mobile network access for jailbroken electronic devices
On-line ACH banking services agreements must include provisions requiring that the customer adhere to agreed security procedures, keep security procedures confidential, disallow unauthorized account access and promptly notify the bank of unauthorized disclosure or access by unsanctioned individuals.
By setting up security procedures compliant with the Uniform Commercial Code, banks can lessen or prevent financial loss to the bank and its customers if there is a cyber-attack on the customer’s account.
Maintaining bank cyber security and responding to increased regulation is costly.
And… Contact us for information on becoming more competitive with profitable loan pricing.