Top Ways to Avoid Security Breaches in 2020

January 27, 2020
By: Special Guest
Stuart R. Crawford



Financial institutions can prevent, or vastly mitigate damage from, security breaches by developing and continually executing a cybersecurity plan. 

Increasing digital capabilities is a key factor for banks in maintaining and increasing their market share. Financial institutions should be developing digital transformation plans. Because cyber-attacks and data breaches are more costly to financial institutions than to any other industry, every digital transformation plan should also include a cybersecurity plan.

Marius Nel, owner of 360 Smart Networks, a cybersecurity consulting company in Atlanta, shares what must be in any organization’s cybersecurity plan.

Commitment

The most important aspect of a cybersecurity plan is the institution's commitment to carrying out the plan. Senior-level executives must take responsibility for ensuring that every employee is aware of the types of threats that could be faced and how to prevent them. Institutions must form a culture of continuous security awareness.

Funding for necessary tools and expertise also must be part of each year's budget. Last year, the average financial institution spent about $2,300 per full-time equivalent employee on cybersecurity. Institutions might also consider partnerships with cybersecurity organizations, such as the National Cyber Security Alliance (NCSA), and a cybersecurity insurance policy to help offset recovery costs should a breach occur.

Data Classification and Encryption

Financial institutions should classify data based on how sensitive it is. The most sensitive data should be encrypted and have multiple layers of protection. Under this system, financial information for individual customers will then be unreadable to those without an encryption key and appropriate passwords.

Software Management

Regular application of updates and patches is one key to preventing a hacker's entry into the system at the software level. Another key is to continually upgrade the software that logs activities, detects breaches and plugs holes in security.

Employee Training

The best-laid cybersecurity plans can go awry unless employees are educated about preventing the threats. In fact, employees represent the greatest potential vulnerability. Hacking/skimming/phishing incidents, the most common breaches, often have their roots in employee actions that expose sensitive data. Accidental email exposure and employee errors also account for a large number of security breaches.

Employees should be trained in procedures for identifying threats, responding to threats and meeting compliance requirements. They also should be trained on infrastructure or software that prevents breaches. Employers also might consider offering employees access to free identity theft protection services that include educational resources.

Response Plan

A key factor in minimizing vulnerability in the aftermath of being hacked is to develop a cybersecurity incident response plan. That plan, which is part of the overall cybersecurity plan, outlines the procedures that will take place from the time a cyberattack is suspected. It would include information on how to classify and contain the attack, including how to isolate the affected system. It also would include when and how to report incidents and how to manage external communications. The plan would also include information on what types of resources would be offered to customers to help mitigate issues.

Continual Improvement

The plan should contain information on how to continually improve technology and processes. The threat never stops and hackers become increasingly sophisticated. To counter this, cybersecurity technology is constantly evolving. Financial institutions must quickly adapt, updating technology and adding new solutions, such as artificial intelligence and biometrics, when needed.




