Financial institutions face increasing pressure to provide enhanced consumer protection against malicious security threats and fraudulent activities. An attack on an institution resulting in the loss of data can have a devastating effect on the organization’s revenue and reputation and cost significant amounts of time and money to repair. While some financial institutions may have felt protected by a single layer of security – such as antivirus – in the past, that is simply not enough in the current risk environment. Financial institutions must institute layers of security that protect all vulnerability points. However, for many community banks, this may seem like an overwhelming and costly process to implement.
Just as there is not one product that will cover all security needs, there is not one price that will cover all needs and ensure security. Each financial institution must evaluate the risks of being compromised vs. the cost of reducing those risks, with the knowledge that some risks can never be completely eliminated — no matter how much you spend or what solutions you put in place.
Some Costs to Consider
- Ransomware fees
- Data loss
- Production resource time working on issues
- Data leakage
- Reputation damage
In addition to these fees and responsibilities, financial institutions must also answer to federal authorities, which can impose additional fines and penalties. All of these costs can add up quickly and the damages can be difficult to overcome, especially for smaller institutions.
One important cost to consider is that security layers will need to change and evolve over time to keep pace with criminals’ strategies. It is important to research, evaluate and determine which security products and services adequately address your institution’s unique needs and that will support your long-term goals as it relates to technology and compliance. This will be an ongoing process to ensure your institution has all of the appropriate security layers in place.
|Breached Company||Stolen Data||Affected Accounts||Cost to the Company|
|Personal data||80,000,000 patients||$100 M|
|Names, email, phone||33,000,000 accounts||$850 M|
|Names, passwords, email, phone, addresses, date of birth info||145,000,000 accounts||$200 M|
|Credit card data, email addresses||56,000,000 accounts||$80 M|
|Names, social security numbers, credit card info, bank account info||3000 employees||$35 M|
|Credit card, debit card accounts||70,000,000 customers||$252 M|
|Personal data||5,000,000||$130 M|
Prevent, Detect, Respond
The good news is that there are a number of tools and procedures that can give confidence back to community banks in this challenging environment. On their own, some of these simple steps (such as software patching and firewalls) may seem rather obvious. However, adding preventive, detective and responsive layers to your IT security strategy will help strengthen your approach and build an effective security foundation. Proactively protecting your financial institution and customer data will always be more cost effective than falling victim to malicious activity.
For more information please download our complimentary white paper, Strengthen Your Strategy: Why a Layered Defense is the Best Choice for Your Bank’s IT Security Program.