For years, financial institutions shuddered at the thought of ever sharing information with one another, and always opted to maintain internal research for fears of providing “too much insight” into the other’s daily operations.
Yet, in light the rise of cyber-security threats, banks are becoming increasingly concerned with online theft, and are beginning to consider the importance of joining forces to combat these online hackers.
Several initiatives have already been designed to ensure a better protection against hackers, whose more sophisticated efforts to steal money and customer data for their own personal gains are multiplying at a faster rate than financial institutions’.
According to Suzanne Kapner, a reporter for The Wall Street Journal, security officials from Morgan Stanley and Goldman Sachs are scheduled to meet with researchers from the Polytechnic Institute of New York University in an effort to create a new center that would go through bank data and detect potential attacks. Bank of America has even begun hosting informal quarterly meetings with rival experts to create solutions to the growing security trend.
However, not all banks are unanimous in this decision. Kapner reported that some bank officials are hesitant to share their financial institution’s private information, and would prefer to conduct their own data research internally.
Nevertheless, recent real-life banking attacks such as the Zeus Trojan (a Trojan horse that steals banking information by keystroke logging and Form Grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes) are presenting banks with the decision to ultimately look into alternative measures to prevent such vulnerability. (To learn more about these attacks, read Pete Viglucci’s blog).
In order to ensure better protection against outside threats, an IT risk assessment is required to identify the reasonably foreseeable threats from within and outside a bank’s operation that could result in unauthorized disclosure, misuse, alteration or destruction of customer information or customer information systems, as well as the reasonable foreseeable threats due to the disposal of customer information. Customer information stored on systems owned or managed by service providers and customer information disposed of by a bank’s service provider are factors that should be considered. Regulators require institutions to develop a thorough, written IT risk assessment. (P&G Associates offer such services. Click here to learn more!)
What are your thoughts on the sharing of information with other financial institutions?
Would you consider working with rival community banks in order to prevent such from happening to your financial institution?
If not, what other alternatives would you consider to keep you and your customers protected?
We would love to hear your thoughts!
The OnCourse writing staff work to keep you informed about the most pertinent financial industry news of the moment