BID® Daily Newsletter
Oct 28, 2016

BID® Daily Newsletter

Oct 28, 2016

Banks Join Forces Against Cyber Threats


Superheroes have been on the scene since the 1930s. These fictitious characters possess superhuman powers that enable them to look out for the safety of ordinary people. But even the greatest superheroes can't always go it alone. In February 1960, comic book publisher DC Comics used its comic book series The Brave and the Bold to introduce The Justice League of America, a team of seven superheroes who joined forces to help fight bad guys too powerful for any single superhero to take down alone. The original members of the Justice League were Aquaman, Batman, the Flash, Green Lantern, Martian Manhunter, Superman and Wonder Woman. The Justice League's capers were such a hit that in 1963, comic book publisher Marvel Comics introduced its own team of superheroes called The Avengers.
Though lacking the power of superheroes, the banking industry is doing its own thing to fight crime. Consider that eight of the biggest banks have recently joined forces to try and determine ways to ward off cybercrime. This rising threat to banks requires bolder action because it impacts the entire industry and because the government's own efforts are moving too slowly. Fortunately for community banks, any headway the group makes will help the industry, so you should be able to reap the benefits without having to take on the expense of such an effort.
The new group will operate as a part of the Financial Services Information Sharing and Analysis Center (FS-ISAC) created in 1999. It is designed to help the private financial sector and the government to work together to protect the operations of the economy and the government. That directive, which was updated in 2003, requires an exchange of information about both physical and cyber security threats or areas of weakness to protect critical US infrastructure. The goal of the new group, however, is to foster greater sharing and collaboration than what has occurred through the FS-ISAC to date. In particular, the group hopes to exchange more detailed information on threats recognized by the institutions within it and to work together to establish protocols to follow whenever cyberattacks take place. They are even planning to hold war games to replicate some of the biggest threats.
According to a report by the global security risk monitoring company SecurityScorecard, large financial institutions have suffered 22 major data breaches over the past 12 months (this only includes those that have been made public). The report also finds 75% of the largest 20 US banks are infected with malware. Though the federal Cybersecurity Information Sharing Act mandated the sharing of Internet traffic information between the government and technology and manufacturing companies, the largest financial institutions have expressed concerns. They see the law as another slow moving layer of bureaucracy, so they are taking action themselves.
Specific concerns around information sharing include questions about whether or not the government can adequately secure the information banks are sending over, along with fears that passing on threat information could lead to shareholder lawsuits.
Given the unfortunate reality that there is no such thing as a cyber superhero, it is not surprising the industry has decided to address these issues directly. In the meantime, stay diligent and monitor your systems for kryptonite to protect your data.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.