Banking Magazine - November 2020

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

FEATURE Cybersecurity Threats

AREN’T ALL BAD FOR FINANCIAL INSTITUTIONS By John Moeller, Principal and Keith Brooks, Client Engagement Leader – Enhanced Managed Services | CliftonLarsonAllen, LLP

As we meet with financial institution leaders across the country, it’s clear that cybersecurity threats are of one of the largest challenges for institutions. Between the seemingly random nature of the attacks and the utter devastation they can bring to a business, these threats are always among the top security risks. Knowing this, we’ve decided to turn the table and think about whether cybersecurity threats can actually benefit an institution.

Could cybersecurity threats be a good thing?

The obvious answer is no. But in all actuality, good can come out of today’s cybersecurity threats. When your cybersecurity tools, training, and procedures uncover and define a threat, you can, and should, be using that to drive your strategic technology planning so you can address these risks. In today’s world, when cybersecurity threats are alarmingly

on the rise and taking new and inventive shapes on a daily basis, many institutions are still under-planning and underspending in technology and preventative measures that should ideally help protect an institution, its customers, and its data. Most institutions are replacing their old technology, as is required to maintain their current states of operation and cyber readiness. But it has become commonplace that, when this new technology is deployed, it is

not configured adequately to address mitigating controls presented in tools like the FFIEC’s Cyber Assessment Tool (CAT) and the newer FSSCC’s Automated Cyber Assessment Tool (A CAT). Unfortunately, the days of spending on technology to just

replace what is beyond its serviceable life are gone, and the days of meaningfully planning and strategically addressing the ever- changing faces of cybersecurity are here to stay. If an institution does not think progressively and look to the future, its technology becomes the biggest and most visible target for cybercriminals to exploit. And nobody wants to have that distinction set them apart in an already tightly contested marketplace.

Plan before you buy new technology

When looking at the current state of banking, stop for a moment and consider that while leaders of these institutions identify cybersecurity threats as one of their top two risks, they also acknowledge that they are dramatically underspending on the very technologies required to mitigate these risks. Financial institutions should take the time to update their current strategic technology. This means that any new hardware, software, or outsourcing agreements being considered for purchase or use should show tangible value in mitigating known cybersecurity threats faced by the institution.

10

MIDWEST INDEPENDENT BANKERSBANK MIBANC.com

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16