In its annual Banking Priorities survey, CSI asked bankers to identify the issue most likely to affect the financial industry in 2022. It’s no surprise that cybersecurity (26%) topped the list, as bankers’ responses were likely influenced by the influx of cybersecurity incidents from the prior year. And unfortunately, the trend of cybersecurity incidents making headlines is likely to continue. To gain further insight into bankers’ perspectives, CSI also asked bankers for their views on top cybersecurity threats and tactics to enhance defenses.
Exploring the Top Cybersecurity Threats
According to the 2022 results, most bankers view employee-targeted phishing as the top cybersecurity threat with customer-targeted phishing following closely. Let’s examine the breakdown:
- Employee-targeted phishing: The results reveal that 57% of bankers are most concerned about phishing aimed at employees, since a single compromised employee account can give attackers a foothold in internal systems. As cybercriminals refine their tactics to keep targeting data-rich financial institutions, this concern is well-founded.
- Customer-targeted phishing: 51% of bankers are also concerned about social engineering aimed at customers via phishing. Cybercriminals are continuing to launch email impersonation attacks, posing as a consumer’s personal bank to trick them into providing sensitive account information.
- Ransomware: 48% of bankers are worried about the threat of ransomware in 2022, an attack that is often the end result of a social engineering scheme. Incidents of ransomware have risen, with the global attack volume skyrocketing by more than 150% for the first half of 2021 compared to the previous year. This type of malware is a costly cyber event, often posing significant operational and reputational risk.
Other Cybersecurity Issues on Bankers’ Radar
Considering that nearly every successful breach involves some form of social engineering, it is understandable that 40% of bankers are concerned about social engineering as a whole. While the remaining threats did not garner as much attention, bankers should take steps to strengthen their cybersecurity posture to mitigate the following issues:
10 Strategies to Combat Top Cybersecurity Threats
As cyber incidents increase in frequency and sophistication, consider the following strategies to enhance your cybersecurity posture and protect your data, systems and users.
- Create a Culture of Cybersecurity: One of the most effective strategies to combat cyber threats is creating a culture of security within the institution. With 41% of bankers placing emphasis on employee/board cybersecurity training, most understand that people represent an institution’s biggest potential weakness. To create a cybersecurity-focused culture, ensure employees are familiar with the latest threats and know how to identify the warning signs. Employees are also more likely to follow the appropriate security processes if they understand the associated risks. Use real examples of phishing during trainings and provide incentives for employees to do their part.
- Connect with Consumers about Cybersecurity: Additionally, institutions benefit significantly from an informed customer or member base. Despite the importance of consumer education, a mere 18% of bankers listed this as a tactic they would use in 2022 to combat cyber threats. As consumers become increasingly desensitized to cyber risk, it’s more critical than ever that institutions reinforce the importance of good cyber hygiene through cybersecurity awareness programs, which could include videos and gamification in your digital platform. When done effectively, consumer cybersecurity education represents a valuable opportunity to increase new business through knowledge sharing.
- Perform Vulnerability Scanning: 44% of bankers name recurring vulnerability scanning as the top tactic to strengthen their cybersecurity posture in 2022. Vulnerability assessments should be conducted to identify areas that need attention. Regular internal and external assessments should be performed to keep your institution both compliant and secure. But it’s not enough to complete these assessments; you must review the results and remediate the findings to maintain good cyber hygiene.
- Update and Test Your Incident Response Plan: Your institution must enhance preparedness by planning for exactly how you would respond to a cyberattack. Consider all of the operational, financial and reputational implications of being held hostage to ransomware by developing—and testing—an incident response plan (IRP). Your IRP should include planning for data and system backups, communication plans, business continuity plans and dealing with the attackers. You don’t want to confront those issues for the first time during a ransomware attack. Only 23% of bankers report IRP testing as a tactic to combat cyber threats compared to 26% in 2021. Remember that maintaining a tested IRP puts your institution in a stronger position to withstand the inevitable cyberattack.
- Conduct Vendor Due Diligence: Even if your internal systems and employees are prepared for a cybersecurity attack, your institution is vulnerable if an external vendor is not adhering to the same level of defense standards. Appropriate cybersecurity due diligence and regular monitoring should be conducted on all third-party vendors, especially any external vendor that has access to your sensitive data or systems. This process is also critical to mitigate the risk of supply chain attacks, which have surged in the past year.
- Utilize Multi-Factor Authentication (MFA): While strong passwords are always encouraged, there is no substitute for the protection provided by MFA. To better secure accounts, incorporate MFA into all applications where employees—or customers—must enter their credentials. With MFA, multiple authentication factors are required to verify a user’s identity, preventing unauthorized account access. This verification strengthens resiliency and provides an effective defense against the two largest threat vectors: social engineering and phishing.
- Monitor Your Entire Infrastructure: As cybersecurity threats and vulnerabilities continue to evolve, institutions should prioritize around-the-clock monitoring for suspicious activity. Leveraging SIEM-as-a-Service (SIEMaaS) is one strategy in which an outsourced provider monitors your network and provides incident response to threats in real time. In a SIEMaaS model, an organization collects all event logs and securely sends them to an outsourced SIEM which produces relevant alerts. An outsourced SIEM reduces the time burden on internal IT and turns the cost into an ongoing operational expense rather than a large upfront investment.
- Secure Your Endpoints: When it comes to a cyberattack, hackers will choose the entry point that is the least protected, often sidestepping network defenses to target and directly penetrate endpoints. Despite only 10% of bankers reporting endpoint security as a top threat in 2022, institutions must have controls in place to secure endpoints, including servers and other devices with network access. While vulnerability scanning is an important weapon in the fight against cybercrime, endpoint detection and response (EDR) solutions strengthen defenses further by offering protection against zero-day vulnerabilities, meaning vulnerabilities for which no patch is yet available. An EDR solution monitors the behavior of applications and users to identify, contain and remediate threats.
- Take Advantage of the Public Cloud: Many institutions are migrating their infrastructure to the public cloud, and 20% of bankers surveyed use cloud-based data backup and recovery. Institutions that are not taking advantage of the public cloud are missing out on significant benefits—including scalability, potential cost savings and redundancy. Additionally, a well-configured cloud-based IT infrastructure brings security enhancements, including controlled network access. 31% of bankers report they don’t have enough information on the cloud to make a decision, so it’s important to investigate how public cloud technologies will benefit your institution.
- Partner with a Trusted Provider: As the IT talent pool becomes increasingly competitive for community financial institutions, consider partnering with a trusted managed services provider (MSP). Not only will a provider deliver powerful cybersecurity monitoring tools, but it will also offer expertise and guidance in the form of advisory services. With virtual Chief Information Officer services, or vCIO services, your institution will have access to technical consulting and experienced industry professionals who will ensure your IT strategy supports your goals. Virtual Chief Information Security Officer (vCISO) services allow your institution to build a strong cybersecurity program aligned to your business strategy, holistically addressing critical information security and regulatory compliance. Further, your institution can also leverage the existing frameworks and security controls of the MSP, which are often more robust and sustainable than those of a single organization.
Steve Sanders serves as CSI’s chief information security officer. In his role, Steve leads CSI’s information security vision, strategy and program, and chairs the company’s Information Security Committee. He also oversees vulnerability monitoring and awareness programs as well as information security training. With more than 15 years of experience focused on cybersecurity, information security and privacy, he employs his strong background in audit, information security and IT security to help board members and senior management gain a command of cyber-risk oversight.