By Sean Feeney
Cyberattacks have become a common threat across all industries, with companies like Verizon, JP Morgan Chase and even the Internal Revenue Service experiencing data breaches. As cyberthreats become increasingly prevalent, especially in the financial industry, more than two-thirds of financial services institutions have faced at least one cybersecurity attack in the last year, according to MetricStream’s The State of Cybersecurity in the Financial Services Industry Survey.
To illustrate the severity of these attacks, the average annualized cost of cybercrime from the financial industry is $16.5 million, as revealed in a report by Hewlett Packard and the Ponemon Institute. Between the fees for legal proceedings against perpetrators, fines imposed by federal authorities, credit-monitoring costs for affected customers and the cost of a third-party forensic examination, community banks cannot afford to have security vulnerabilities.
Beyond financial consequences, the reputational damage of a cyberattack for a community bank can be detrimental. Community banks pride themselves on their strong commitment to their local communities and the thought of having to face their customers at the nearby grocery store following a breach is difficult. To avoid this real-life scenario, it is crucial for financial institutions to establish a solid cybersecurity program. However, unlike large financial institutions with seemingly unlimited resources for security, community banks often face numerous obstacles, including minimal hiring budgets for security personnel, when developing a security program.
Despite these challenges, community banks can take a sustainable and scalable approach to cybersecurity to effectively combat cyber threats as well as any large financial institution. To take a more efficient and proactive stance on cybersecurity, it is important to understand the key challenges associated with managing a cybersecurity program, especially from the perspective of a smaller institution.
While the number of security incidents grows each year — at a rate of 66 percent per year, according to the 2015 Global State of Information Security Survey — the number of point solutions used to combat such attacks increases as well. Cybercriminals constantly evolve their tactics to bypass enhanced security measures, so with each emerging attack vector, the number of tools needed to keep customers safe increases. As a result, banks can accumulate a long queue of cybersecurity products, each designed to combat a new type of security threat. While numerous point solutions exist, banks do not have a solution that synchs security with risk management, IT systems and big data. This means that cybersecurity defenses can become unmanageable, resulting in security vulnerabilities that cybercriminals can exploit.
Rather than risk overburdening the security team with more labor-intensive point solutions, community banks should aggregate data from all security solutions, applications and network solutions to enable a more effective and centralized alerting system. Each point solution, such as intrusion detection systems and firewalls, generates copious amounts of data, which is often unstructured, and requires manual intervention to mine actionable intelligence. This makes it incredibly difficult for a community bank’s security team to quickly detect and respond to potential cyberthreats. The gap can be bridged between the creation of an alert and the remediation of suspicious activity by linking the bank’s cybersecurity policies with the various cybersecurity systems employed by the institution. By unifying and centralizing threat detection, investigation, reporting and compliance, banks can optimize their cybersecurity defenses.
Furthermore, having real-time intelligence about the latest threats and tactics can ensure a higher level of defense. To reduce the frequency of cyberattacks and mitigate the effects of a breach, sharing threat data with other institutions, regulators and infrastructure providers is crucial. Community financial institutions that lack sufficient IT staff can subscribe to threat intelligence feeds and leverage cyberthreat data shared by other security professionals to gain the actionable intelligence needed to protect their institution.
Banks must be aware as cyberattacks evolve and new threats emerge. This also means that a one-time assessment is not enough to prevent an attack. Instead, banks should constantly evaluate and enhance their cybersecurity defenses, which can be accomplished in a cost-effective manner. For banks in rural areas with a limited IT staff, where it is not feasible to hire new talent, turning to an outside team of security experts may be the best option. Leveraging an independent third party to check the system and report any necessary improvements can also be helpful.
No financial institution, regardless of size, is exempt from a potential cyberattack. This, combined with the advent of new cybersecurity regulations like those proposed by the New York State Department of Financial Services, means that the need for effective cybersecurity is at an all-time high. Community financial institutions should stop adding more point solutions and start taking control over their cybersecurity program by unifying threat detection, investigation, reporting and compliance. Doing so allows banks to organize, align and enhance their existing cybersecurity defenses to thwart the latest tactics of cybercriminals without overstretching their budget and IT staff — particularly important for community financial institutions.
Sean Feeney is CEO of DefenseStorm, a security data platform that watches everything on a financial institution’s network and matches it to its policies. For more information, visit www.DefenseStorm.com.