BID® Daily Newsletter
Jan 7, 2019

BID® Daily Newsletter

Jan 7, 2019

Discovering Cyber Risks And Fighting Together

Summary: Cyberattacks happen 300x more frequently in financial institutions than other industries. A system of buddy banks was created to help. Are you Shelter Harbor-ready?

Last year was an interesting one for scientists. They figured out how to use nano-robots to kill cancer, found a large body of water on Mars, created a new drug to treat migraines, grew meat in a lab without using animals, found a 3,200 year old cheese, and birthed a healthy baby mouse from two moms and no dad. We are looking forward to seeing what discoveries this year brings.
We realize that we just reported on the cyber risk of privileged users, but we haven't discussed the Sheltered Harbor program yet so we thought this may be a good time to bring it up.
Clearly, cybersecurity attacks are flourishing in financial institutions. Although it may seem a never-ending war to be fought, there are different ways to fight. Sheltered Harbor is one way that community banks may be able to fight the good fight.
We all know the stakes are high in the cyber risk realm. Cyberattacks happen 300x more frequently in financial institutions than other industries. According to a Javelin report, American banks lost $16.8B to cybercriminals in 2017, and more than 15mm customers were victims of cyber attacks. Against such a backdrop, the Sheltered Harbor project was started 2Ys ago to add another layer of protection to safeguard customers' information and account balances, when a financial institution is under attack.
The program, created by the Financial Services Information on Sharing and Analysis Center (FS-ISAC), relies on a system of buddy banks. Big institutions like HSBC, Citigroup, JP Morgan Chase and others are included, but so are community banks. These banks supplement their own defenses by storing critical information in a data vault every day. Each bank manages its data. The only requirement from Sheltered Harbor is to follow the guidelines on formatting data, encrypting them and protecting them from changes.
In case of a cyberattack of a particular financial institution, there is a backup buddy system. Banks choose in advance the partners that have access to the bunker that could bring accounts back to life within 48 hours.
Community banks of course can't spend as much as giant institutions on protection. Yet, Sheltered Harbor is flexible. Large banks pay $50,000 to participate, while smaller members pay $250 to $25,000 depending on size. This voluntary private approach has convinced a lot of institutions and brokerage firms of its merits, as they are certified Sheltered Harbor-ready. Today 68% of US retail bank accounts are reportedly covered and 55% of brokerage accounts.
The advantage for community banks? Being Sheltered Harbor-ready could emphasize your commitment to cybersecurity with this additional layer of protection. It may also show that your bank is a trusted financial partner that customers are expecting.
While community banks could be reluctant to allow a potential competitor to see their data, several have already set up reciprocal backup relationships with other banks through this program. The idea is that if one bank goes down, there are others there to help pick them and their customers back up.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.

Related Articles:

Educating Customers on the Risks of Gaming Platforms
Online gaming platforms have become extremely popular in recent years, with 76% of children under 18 playing regularly and connecting their parents’ credit cards and bank cards to their gaming accounts. Financial education about the risks of online gaming payments can add value for young and older customers alike.
Spoofers Target CFI Customers
A June 2022 report from Allure Security, a cybersecurity firm that specializes in protecting financial institutions, says that about 20% of CFI’s are the targets of website impersonation attacks. Rather than simply assume that website impersonation attacks are something that happens to larger banks, CFIs should be proactive about protecting themselves and their customers from this kind of fraud. We explore a few tactics to keep your CFI and your customers safe.