Bank execs say cybersecurity is the biggest obstacle to digital banking | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Banks and credit unions continue to identify cybersecurity threats and fraud as the greatest challenges to their digital banking strategy, according to new research by American Banker.

In the survey conducted in March and April, nearly 90% of the 200 banking professionals surveyed said cybersecurity threats are a “moderate” or “significant” challenge to their institutions’ digital banking strategies, more than integrating legacy systems with new digital technologies (86%) and retaining and attracting skilled talent (77%).

As such, bankers named security-related functions as two of the top three technologies for enabling digital banking, with 55% saying enhanced security and fraud mitigation were vital to their goals and 50% saying digital identity verification is critical. That far outpaced the importance rankings of many other digital services, including virtual assistants or chatbots (30%) and rapid application development (21%).

To a substantial degree, cybersecurity and fraud mitigation also motivated banks to partner with fintechs over the past year. The top two functions on which bankers said they were “likely to turn to or partner with fintechs for help” were for peer-to-peer payments or money transfers and secure ID verification. For both, 45% of respondents said they were likely to seek out help from fintechs.

Cybersecurity has occupied the front of digital bankers’ minds for years, and major data breaches continue to afflict the industry. This month, at least 10 banks got caught up in a series of cyberattacks enabled by a vulnerability in file transfer service MoveIt.

So-called supply chain attacks such as this latest series pose a particularly dire risk to banks; the security of bank data relies on these third parties to manage risk appropriately. Because that data includes consumers’ information, regulators require banks to vet their partners’ security systems, lest they be liable after a breach.

American Bankers’ recent research found that banks expect a large share of their spending in the coming year to go toward preventing data breaches, a continuation of previous spending trends. In another survey last year, American Banker found that more than 60% of financial services companies planned to increase their spending on cybersecurity by at least 10% over the coming year.

Nate Skinner, chief marketing officer for digital identity company Onfido, said one of the challenges financial institutions face in prioritizing their tech investments is that their strategies tend to be “all over the place” and that banks can generally focus more on specific problems.

“Pick a strategy — maybe your fraud posture could use improvement in a particular city or region or country. Solve for that issue, then move on to the next one,” Skinner said. “I think too often when we have conversations about strategy, they’re all over the place. We need to acquire new customers at the lowest possible cost and be compliant and produce products… You’re trying to boil the ocean all of our time.”

A single focus can hit on multiple challenges, though, particularly when it comes to fraud, cybersecurity and financial crimes. One of the many strategies banks have adopted to tackle these problems at the same time is fusion centers, a concept borrowed from law enforcement.

In law enforcement, fusion centers are government-owned and operated centers that serve as focal points in states and major urban areas for receiving, analyzing, gathering and sharing threat-related information to various law enforcement agencies and companies.

In banking, fusion centers serve the same function for the financial institution by acting as a central repository for data on cybersecurity, fraud, money laundering, financing of terrorism and other risks. For banks that deal with heavy amounts of data trying to detect all of these threats, fusion centers offer a solution that both breaks down data silos and can support other business goals, according to Scott Nathan, global head of anti-money laundering, detection and customer insights for Citigroup.

“Without a fusion technique and resolution techniques, you’re just buried in data that you’ll never be able to sort through, and you’ll miss the things that you need to find,” Nathan said.


Click Here For The Original Source.

National Cyber Security