CARY, N.C. — Sponsored by business analytics company SAS, a
recent study of 250 executives from retail and commercial banks showed evolving
security threats, technology limitations and simple lack of awareness make
cyberrisk a daunting hurdle for today's institutions.

The survey orchestrated by Longitude Research cited lost
customer trust as the most significant impact from cyberattacks — nearly double
that of monetary losses.

Although cybersecurity is a wide-ranging problem affecting
multiple industries, survey orchestrators indicated financial institutions
often lead the way by experiencing new threats and enhancing their
cybersecurity defenses.

Nevertheless, just one in five of the executives polled for
this study regarded overall organizational preparedness for cybersecurity risks
as "high." The weakest link reported within banks was a lack of dedicated
internal resources as only 24 percent feel "highly prepared" for cyberthreats
in this regard.

"New communication channels for customer service offer
unprecedented convenience," officials said. "Unfortunately, they also introduce
new threats — phishing, botnets and mobile malware being rated among the most
likely and most damaging."

Lack of senior executive awareness was common as more than
half (54 percent) of survey respondents said financial losses aren't high
enough from cyberattacks to warrant board-level attention.

"This is partly because most organizations handle security
as an extension of IT rather than viewing it as an operational risk," said
Christopher Smith, director of cyber strategies at SAS.

Smith stressed that today's threats must be evaluated in the
appropriate context and prioritized accordingly.

For example, a recent SAS report pointed out financial
losses are typically low for distributed denial of service (DDOS) attacks, which
are politically motivated and primarily designed to block access to websites or
online Web services to garner media attention.

"But it is short sighted to not also consider the loss of
customer trust and the risk of tarnished reputation that result from such
attacks," Smith said.

Smith recommended that banks need a holistic view of
cyberthreats, treating them as operational, enterprise-wide risk.

Absence of information was also a recurring theme in the
survey, reinforced by evidence that the value of big data depends upon proper
analysis for making better decisions.

The survey report stated, "this is particularly relevant for
cybersecurity, as not all threats are equally severe and must be prioritized
accordingly."

"Interviewees bemoaned a lack of key risk indicators, which
would better position them to accurately evaluate threats alongside any
organizational weaknesses," Smith added.

Nearly one in three respondents rated limited customer
awareness as a key challenge. Still, less than one in four banks indicated
internal resources are highly prepared.

A white paper with more details about the survey can be
downloaded here.

Continue the conversation with SubPrime Auto Finance News on LinkedIn and Twitter.


Normal
0
false
false
false
EN-US
X-NONE
X-NONE

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Calibri”,”sans-serif”;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”Times New Roman”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}