While the days of the good ol’ “stickup” bank robbery, cybersecurity threats are rapidly growing in number and complexity, and even the most advanced security teams scramble to keep up. Retail banks, tasked with guarding customer data and dollars, must respond with modern defensive strategies and prepare for both today’s challenges and tomorrow’s threats.
After decades of battling credit card fraud, retail banks face a new challenge: fraudulent account takeover. When hackers gain access to customer credentials, whether through phishing, “man in the middle” attacks, or something else entirely, compromised customer accounts mean big trouble for retail banks and customers alike. Banks can no longer distinguish hacker from customer, and just like that, traditional perimeter security is rendered useless.
By the time the average customer realizes his/her account has been compromised, funds have already been transferred and PII (personally identifiable information) is in the wrong hands. Damage control is all that remains.
The rise in high-impact fraud
The Javelin 2019 Identity Fraud Report notes that, “While existing card fraud losses dropped from $8.1 billion in 2017 to $6.4 billion and the incidence fell from 5.47% to 4.40%, high-impact fraud types like account takeover and new-account fraud remain alarmingly common, demonstrating that fraudsters continue to find and compromise new targets.”
New account fraud (an extension of account takeover) occurs when fraudsters use victims’ PII to open new accounts, such as mortgages, car loans, or credit cards. New account fraud is on the rise, with cost estimates up to $3.4 billion in 2018.
How can banks effectively combat account takeover, new account fraud, and other modern cyber security threats?
Retail banks can start by protecting customer accounts with security that goes beyond a single user ID and password using a strong multi-factor authentication (MFA) solution like Duo Security.
Using MFA to protect accounts is more than just a good idea. In many cases, regulatory bodies such as “FFIEC, NYDFS Cybersecurity Regulation and NAIC mandate the use of MFA to protect access to sensitive data for financial institutions, insurers, banks and many other organizations” (Duo Security).
Fighting fire with fire
Hackers use artificial intelligence (AI) and machine learning (ML) to methodically work their way into financial services networks. However, AI and ML can also play for the “good guys,” holding strong promise in both the detection of anomalous behavior and fraudulent account activity and mitigation of these attacks.
Comprehensive security solutions like Cisco’s Network Visibility Solution combine Cisco Stealthwatch’s rapid threat detection with Cisco Identity Services Engine (ISE) and TrustSec to not only detect encrypted threats on the network, but also identify, isolate, and quarantine these threats.
For retail banks, rapid threat detection and mitigation is the best bet to minimize the impact of account takeover and new account fraud.
Looking at the big picture
Cyber Risk management is not just technology. It’s people, process, and technology. If any of these components aren’t implemented properly, the entire system falls apart. From our perspective, the biggest failures occur when cyber security teams operate in silos and use tools that focus only on role-specific tasks and issues. Bringing together people, processes, and technology components in a cohesive strategy around a common goal is the only real way to present a united front against cyber fraud.
“There are two types of companies: those that have been hacked, and those who don’t know they have been hacked.” – John Chambers
Whether recently hacked or defending against future attacks, we have a few key recommendations for retail banks.
1. Don’t try to boil the ocean. Focus on the greatest risk potential and start there. While creating a truly impenetrable network is next to impossible, quantifying risk (and focusing efforts accordingly) is possible, and may very well be the best approach to defending against cybersecurity attacks.
2. Prioritize empowering people. A secure network is only as powerful as the people who run it. All the right technology is useless if not implemented and operated properly.
3. Be honest about your risk posture. The first step is admitting you have a problem.
Do you have questions about assessing cyber risk, managing fraud, or anything else cyber security? Ask in the comments section of this post so one of our Cisco Security experts can find an answer for you!
For a more in-depth conversation about managing cyber and operational risk, make sure to attend the Financial Services Session at Cisco Live.
“Continuous cyber risk management for financial services and retail – (PSOGEN-1023), June 12th 2019 at 1:00 PM San Diego Convention Center – Upper Level, Room 28C” (See full Session Guide)
We’ll be at Cisco Live San Diego next week covering all the latest developments in cyber risk, security, and technology for financial services. Don’t forget to come visit us in the World of Solutions to experience a transformed modern retail financial services branch.
For more information on how Cisco helps financial services institutions solve their biggest challenges, visit Cisco Financial Services.