Bank security

Russian Threat Prompts To Strengthen Banking Security – BizWest

The hacking of Russian-based financial institutions may not have reached the volume many feared before the war in Ukraine began, but that doesn’t mean people are letting their guard down.

Scott Warner

“Attacks have increased every year,” especially over the past five years, said Scott Warner, president of connection point of Greeley and Chairman of the Board of the Greeley Chamber of Commerce.

Sources contacted for this story were contacted prior to the March 22 White House announcement that Russian state-sponsored hackers were preparing for attacks, primarily to disrupt energy-related targets, but including also at least 18 American companies in other sectors, such as defense and financial services. , the FBI said. Information from the White House briefing said Russia had been conducting “preparatory activity” for cyberattacks, which could include scanning websites for vulnerabilities.

However, in the highly regulated financial space, Warner said, companies are constantly improving security and are well aware of the increased threat.

“With more people working from home during the pandemic, attackers have jumped on it,” Warner said. “It’s something that’s always happening in high volumes, and it’s constantly increasing. I think everyone should be on their guard.

Mike Brown, regional chairman of the Alpine Bank Vail Valley and Steamboat sites, said his own bank was already on “very high alert” as war loomed. As president of the Colorado Bankers Association, he said that certainly seems to be the case across the board.

“Cybersecurity is one of the core areas of our industry,” Brown said. “Banks are already among the safest and most careful of all industries. We have a great responsibility. »

At Centennial Lending in Frederick, a credit union service organization that serves nine states, the alert status was also high, said Michael Nagl, president and chief executive. The organization provides services to more than 100 credit unions, expanding their ability to meet residential and commercial mortgage lending needs.

“We are definitely on higher alert,” Nagl said. “Even though we know we are not the Chase Manhattan, PII (personally identifiable information) is dear to us. It always has been. As Russia deals with these economic consequences, I’m sure it will be looking for easy money.

Nagl said security updates and policies are constant at all times for Centennial, which contracts with Connecting Point for its data management. But at times like these, he said, those regular meetings seem to matter more.

At the Better Business Bureau of Northern Colorado and Wyoming, President and CEO Shelley Polansky said the BBB reminds all businesses that cybersecurity is not an option but a necessity.

The BBB has a list of essential moves for businesses, as follows:

  • Train all employees on cybersecurity best practices so they understand the risks associated with accessing company data and systems.
  • Implement role-based access control (RBAC). This allows you to assign specific permissions to different employees based on their roles in the company, controlling who has access to what data.
  • Initiate automated remote data backup and recovery, allowing you to store an additional copy of your data offsite in a secure location.
  • Enable multi-factor authentication, which makes it significantly more difficult for cybercriminals to gain access to your data and systems by providing an additional layer of security if a cybercriminal bypasses your password.
  • Secure your Wi-Fi networks.

At Rigid Bits in Longmont, which is a firm specializing in cybersecurity, Ryan Smith said that good antivirus and endpoint detection and response are also essential for businesses dealing with sensitive data, as even e- emails, addresses and birthdates can do a lot of damage once on the dark web.

“Companies must have an incident response plan. So many companies come to us after losing data, with no response plan,” he said. “It’s like having a plan in case of fire.

Connecting Point has been in managed IT services for 20 of its 40 years, but security has been at the forefront since its inception. Even so, security concerns have grown geometrically over the past five years and even more over the past 24 to 36 months, Warner said.

“The landscape of this is changing as we speak and you need to give your customer or your business the best chance to mitigate risk and recover in the event of a breach.

“You try to become a harder target,” Warner said. “There are so many fruits at hand for bad actors, so many companies don’t do it right; if you implement best practices, the bad actor will move on.