The ever evolving landscape of cybersecurity and cyber risk presents a unique challenge. As the threats and associated risks continually change, it can be difficult to stay abreast of the latest recommendations, guidance, and best practices. FINOSEC President and CEO Zach Duke spent some time talking to Joel Williquette, Senior Vice President of Operational Risk Policy for the ICBA to discuss some practical cybersecurity tips for community banks. We have linked the entire conversation at the bottom of this post, but here are 5 of the key takeaways in considering how to identify, evaluate, and address cybersecurity risks at your institution.
- Carefully consider employee access. Managing employee access is one of the biggest challenges we see in banking, and following the principle of least privilege is a vital component of strong cybersecurity.
- Craft an effective risk assessment process. Community bankers understand risk management. By crafting a strong risk assessment process, the bank can fundamentally set themselves up for success and establish a strong foundation of cybersecurity governance.
- Create a culture of communication and collaboration. No institution is an island, and opening channels for collaborative engagements can go a long way in staying on top of what is new and changing in the industry. Leveraging the knowledge, advice, and expertise of the vendor community, fellow bankers, and even ICBA’s Operational Risk Resource Center are great places to start. You can also stay on top of the latest happenings in the industry by signing up for FINOSEC Academy, where you’ll find helpful links, articles, and informational videos. We hope to see you there!
- Create a culture of cybersecurity governance and oversight. The bank leadership has a unique and valuable position to set the bedrock of cybersecurity governance that can permeate through the institution. The information security posture of the bank is highly dependent upon, and enhanced by, bank leadership.
- Identify manual and overly complicated processes. Understanding what is completed manually can help you evaluate alternatives to increase efficiency and speed, as well as reduce the risk of human error.
Multiple information security and cybersecurity leaders offered their knowledge and insight in this interview, and we encourage you to read the whole article by clicking here: Cybersecurity Experts offer Tips to Help Community Banks Shore up Defenses.