Cybersecurity Threats Loom Large for Banks
July 14, 2021
By: Kate Drew
Cybersecurity threats top the list of important issues for US bankers in 2021. According to CSI’s 2021 Banking Priorities Survey, 34% of respondents believe cybersecurity threats will have the greatest impact on financial services this year, with meeting customer expectations coming in second, at 19%. This is quite understandable given the surge in digital activity at financial institutions in the last year or so as a result of the Covid-19 pandemic, which has brought ample opportunity for bad actors to launch attacks. In fact, a separate report by BAE Systems Applied Intelligence recently found that nearly three-quarters of banks and insurers in the US and UK have seen an increase cyberattacks since the start of the pandemic, and “criminal activity” detected by financial institutions is up by 29%.
For the most part, bankers in the US are worried about phishing schemes — 34% selected customer-targeted phishing as the greatest cybersecurity threat to their organization today, while 32% selected employee-targeted phishing. The term “phishing” refers to the practice of sending emails that appear to be from reputable people or companies to trick an individual into revealing sensitive or personal information. Unaware customers and employees can fall victim to these schemes, revealing critical data like usernames and passwords that can then be used to access a financial institution’s systems. The overwhelming worry on the part of bankers about these kinds of attacks suggests the weakest link in their organizations’ cybersecurity efforts is not their systems at all, but their people.
Combating this issue requires putting cybersecurity training and education at the heart of your defense strategy. Most banks seem to realize this already — 61% put employee and customer cybersecurity training in their top three tactics to strengthen their cyber defenses this year. However, execution will be key, and it’s not likely to be all that straightforward. Banks today have diverse employee bases and customer segments, all with varying degrees of tech-savviness. Being effective here will mean taking a hard look at who you’re talking to and designing a campaign that makes sense for them. Digital is only going to become a more ubiquitous channel, and it will likely reach last those who have the least experience with it. That means phishing will continue to be a major, and accelerating, threat. And the education around it will have to be tailored and dynamic. Putting a strategy in place now can help stave off losses in the future, paying off big in shored up defenses. But you must do it right, and with intention.
Subscribe to CCG Insights.