Banks and other financial institutions are prime targets for cybercrime — because that’s where the money is. In fact, recent statistics show that financial service firms were hit 300 more times than other businesses. Each of these cyberattacks typically costs financial service firms millions of dollars.
Smaller financial institutions, including community banks, may be especially at risk, because many hackers believe that the information technology (IT) systems in these organizations are easier and less expensive to breach.
And it’s not just anonymous outside criminals who pose a threat to community banks and their customers. Cybercrime includes a rise in attacks from internal sources, who may be committing infractions such as insider trading, theft, and cyber vandalism. Besides employees, perpetrators may include contractors and temporary workers.
The road ahead
Expect cybercriminals to further adapt to the use of “social engineering,” already a favorite area for fraudsters. Specifically, phishing likely will migrate more aggressively toward social media in an effort to lure gullible users to download and run malware. Other emerging techniques could involve the use of hacking tools stolen by cyber intruders from the U.S. National Security Agency (NSA).
Questions to consider
To better understand the effectiveness of your cybercrime defenses, I encourage you to ask yourself these questions:
- Are you approaching cybersecurity with the right balance of being “open” and being secure?
- Do your cybersecurity practices include employee training and ongoing reviews of authentication and security controls?
- Do you conduct regular cyber intrusion drills, and does that include a detailed response plan (like you have for other types of disasters)?
- Have you focused on internal risk analysis?
- Are your senior leaders educated about your cyber threats? Are they involved and supportive?
- Have you integrated cybersecurity into your business plan and overall risk management structure?
Kevin Fread serves as CIO and CFO of Ironcore, Inc. He possesses more than 40 years of banking and technology experience in a variety of settings, including a community bank, a data services firm, and a global FinTech and payments company. Kevin works closely with Ironcore clients to assist with technology, integration, and strategic planning. You can reach him at email@example.com.