During October’s National Cyber Security Awareness month, government agencies like the Department of Homeland Security, educational institutions, and private entities like the National Cyber Security Alliance, took steps to raise awareness and to educate people about the insecure cyber world that we live in. Focused on internet connectivity—as well as concerns surrounding identity theft, fraud, and abuse—the National Cyber Security Awareness month should find a home on our calendars in years to come.
During the month, several interesting developments have come to light. As discussed below, a few of those include problems at the American Banker’s Association (ABA); potential downgrades for hacked banks; and pushes for more use of biometrics for transaction authorizations.
American Bankers Association Online Shopping System Hacked
At the outset of National Cybersecurity Awareness month, the American Bankers Association (ABA), announced on October 2 that hackers had victimized its computer systems (Bloomberg Business reports). The hackers broke into the ABA’s online shopping systems and stole users’ login email addresses and passwords. There is no indication at this time that the hackers were able to obtain sensitive credit card information. In its apology, the ABA notified affected users that the ABA takes the issue of cyber security very seriously, but that breaches happen despite the existence of significant security measures and safeguards.
Banks With Weak Cyber Security Could Face S&P Downgrades
Business News World recently reported that Standard & Poor’s (S&P) will consider downgrading banks if they have weak cyber security protocols in place to protect customer data—even if the bank has never been the victim of a cyber attack. The reasoning behind the potential new approach rests on one intangible factor and two tangible factors. Specifically, if a breach occurs, the following will likely occur:
- The bank will suffer reputational damage, and the industry as a whole suffers,
- The bank will be exposed to legal consequences, and
- The bank will suffer monetary losses.
While not foolproof, a robust cyber security system may go a long way toward protecting customer information. Banks that are not properly prepared for a cyber attack open themselves up to more extensive attacks with more severe consequences since hackers are better able to navigate unprotected systems. Under the S&P downgrade-proposal, a bank with weaker systems exposes themselves to material downgrades.
Biometrics: The Future of Cybersecurity?
With the sheer volume of cyber attacks over the past few years, cybersecurity industry leaders continue to explore potential solutions to this pressing problem. Those leaders have identified personal biometrics as a means to secure online transactions. A number of cyber security companies, both large and small, hope to develop a biometric-based encryption technique scalable to the level required for banking applications.
But how effectively can a biometric protocol such as fingerprints safeguard personal information, especially in light of the fact that biometrics—like fingerprints—can be stolen and recreated? For example, consider the recent cybersecurity breach at the Office of Personnel Management where hackers managed to acquire fingerprint information for more than 5.6 million past and present federal employees (report by Wired magazine).