Pub. 9 2020 Issue 1

© Copyright 2019 CalTech. All rights reserved. Cybersecurity: 5 Most Common Gaps Overlooked, unaware, or overloaded 1. POOR SECURITY AWARENESS CULTURE The Problem: Security awareness must start from the top down. Not making it a priority contributes to poor or nonexistent practices among employees. And that can spell disaster. The Solution: Does your institution have a security awareness program? If not, get one in place. Engage bank leadership early on, ensuring they understand what’s at stake, and what their role is in making it stick. 2. FAILURE TO COVER THE BASICS The Problem: On average, Cybercriminals utilize around a dozen common vulnerabilities to breach organizations. Windows, Office, and Internet Explorer weaknesses, Adobe exploits, and Remote Desktop loopholes are all common threats that attackers use to try and attack your network. Cybercriminals don’t even have to break a sweat if you are not keeping up with software patching. The Solution: Adopt a clear patch process that includes regular vulnerability scanning to keep IT systems and software up to date. By keeping your patches current, you can dramatically reduce the chances that your bank’s and customer’s data will be put at risk. Cyber threats are ever-evolving. However, no matter how much changes, the most basic vulnerabilities are often the most exploited. To help, CalTech’s Information Security Team has compiled the five most common cybersecurity weaknesses we see in banks and FI’s. Planning for them will help you reduce the risk of a cybercriminal winning at your expense.