BID® Daily Newsletter
Apr 26, 2018

BID® Daily Newsletter

Apr 26, 2018

Munching On Mobile Cybersecurity Tips

Summary: Mobile apps - including banking apps - are more at risk now than ever before. A Verizon report provides details on the types of risks and the practices recommended to protect your bank.

We aren't dieticians, but found it certainly interesting that research finds you burn more calories eating celery than it contains. After all, it only has 6 calories and is about 95% water. The good news is that one cup of celery gives you about 30% of the recommended daily intake of Vitamin K, which plays a key role in helping blood to clot and assisting in absorption of calcium from food. Of note, celery is part of the parsley family, which also includes carrots and cumin.
While certainly not as good for you as the crunch of a good stalk of celery, bankers are also getting crunched by mobile security cyber incidents.
To get a better view on steps security professionals are taking to mitigate mobile threats, we looked at a survey by Verizon that found the following:
Almost 33% of respondents admit to having sacrificed mobile security to improve expediency and/or business performance. Of those, 38% say their organization is at significant risk from mobile threats. Further, 25% said that during the past year their company had experienced a security incident resulting in data loss or system downtime where mobile devices played a key role.
Meanwhile, the Verizon report also detailed the following types of mobile threats that we thought bankers might like to know:
Denial of service: Jamming of wireless communications, overloading networks with bogus traffic, ransomware, or loss/theft of device.
Geolocation: Gathering data on location, infringing on the privacy of the individual.
Information disclosure: Interception of data in transit, leakage or exfiltration of user, app or enterprise data, eavesdropping on voice or data communications, surreptitiously activating the phone's microphone or camera to spy on the user.
Spoofing: Email or text message pretending to be from a boss or colleague, fraudulent Wi-Fi access point, or cellular base station that mimics a legitimate one.
Tampering: Modifying data in transit, inserting tampered hardware or software into supply chain, repackaging legitimate app with malware, modifying network or device configuration (such as "jailbreaking" or "rooting" a phone).
Many factors also make mobile devices an appealing target. After all, there are more mobile devices, they have access to more data, and they are now critical to business operations. In this regard, the following practices could be a good start:
Apps: Reduce the risk of malicious and vulnerable applications by looking into creating a custom app store and vetting all apps that are added to it.
Segmentation: Improve device management by automating it as much as possible. This includes deploying mobile endpoint security/threat detection and implementing device segmentation, keeping personal and work data and applications separate.
Ambassadors: Train "security ambassadors" within the bank to act as champions for improved mobile security.
As mobile adoption continues, banks should continue to monitor changes to keep up. Having the right practices and processes in place, and refining them along the way, will ensure your bank and your customers remain well protected and less crunched by mobile cyber incidents.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.

Related Articles:

How Hiring Hackers Can Make Your Institution Safer
The average cost of a data breach in the finance industry is estimated to be $5.97MM. Increasingly, financial institutions are using so-called white hat hackers to test the security of their systems. We discuss how they can help you improve your cybersecurity and protect your CFI and customers.
The Growing Role of Biometrics in Cybersecurity
Cybercriminals are continuously finding new ways to break through financial institutions’ defenses. We look at the increasingly important role of multimodal biometrics in a CFI’s security solution as well as the benefits and challenges of using biometrics for authentication.