Insights

Another day, another breach

 

Another day, another breach


Sep 24, 2019
Financial Institutions

Our news cycle is exhausting. Our globally connected lives mean we get news from all over the world in almost real time. We get political spin from both directions constantly on our TVs, in our ears, and on our news feeds. We get news about disasters, natural and manmade, as they happen. We hear about tragedies as they unfold, as they are posted live to Facebook and Twitter. And many of us — most of us, I think — just check out. We tune it out, turn it all off. It’s just too much to take in.

So when it was announced a few weeks ago that a hacker accessed over one hundred million Capitol One customer account records — you heard about that one right? — you might have just brushed it off. Just another breach in a faraway place, and our brains cataloged it like we do when we hear about a volcano eruption in Indonesia or a revolution in Africa. After all, the 2019 Verizon Data Breach Investigations Report noted 927 separate incidents tied to the financial and insurance industries last year, almost three events per day. None of us can keep up with that number. How far away is that breach, though? I bet your customers have Capital One cards. Fraudulent charges on those cards could influence their financial situation and impact their checking account balances with you. Then there’s the other question: If Capital One got hacked, how safe is my institution?

The only way to know the answer to that question is to test. You’re probably already doing a vulnerability assessment against your network’s perimeter, which is a great way to identify possible points of entry, but you may also want to consider a penetration test, where an engineer actively attempts to break into your network. Your employees are the weakest link in your cybersecurity defenses, so make sure you’re testing them with social engineering testsEmail phishing is a great way to test many employees at once, and physical penetration testing is a great way to make sure your branch staff are following the right procedures concerning visitors to their locations. With a layered approach to cybersecurity defense, you’re much better prepared for these threats, and you won’t have to worry about your institution being part of the news. Contact your Wipfli relationship executive or visit wipfli.com/fip-it to schedule these tests today.

Author(s)

Matt Janoski
Matthew T. Janoski, CISSP, CISA
Senior Manager
View Profile

Comments

*User Name field is required.

(will not be published)

*Real Name field is required.

(will not be published)

*A valid email is required.

*Company field is required.

*Comment field is required.
Bank On Wipfli

Subscribe to Bank on Wipfli


Submit

Video: Benefits of Co-Sourcing Your Internal Audit Plan

You don’t have to stress about making sure your internal audit plan is completed on time. Together, we work with you to identify risks, update processes and finalize your plan. Reinforce your team with the support you need to complete your annual internal audit plan with confidence.