Decoding the Jargon of Cybersecurity

David R. McKnight
6/14/2024

This article was originally published in the March/April 2024 issue of ABA Risk and Compliance.

The world of finance is no longer just about numbers and balance sheets. In fact, it’s deeply intertwined with the realm of cybersecurity. The sensitive data that financial services organizations work with is a treasure trove for threat actors, so understanding cybersecurity has become paramount for financial services professionals. However, for those without a technical background, the lexicon of cybersecurity can seem like a foreign language, riddled with jargon that is difficult to decipher.

Defining and understanding central cybersecurity terms can help bridge the gap that sometimes exists between financial services professionals and their information technology (IT) and information security (IS) teams. When all team members are fluent in the technical terminology of cybersecurity, they can better collaborate and work toward a safer financial ecosystem.

Why Cybersecurity Matters

Financial data is the lifeblood of the modern economy. Every transaction, every investment decision, and every customer interaction hinges on secure and reliable access to this data. Cybercriminals recognize the value of this data, and financial services organizations rank among their most sought-after targets.

Consider a few eye-opening instances:

  • In 2014, a major U.S. bank suffered a breach in which hackers accessed data from 83 million accounts.1 This incident cost the bank hundreds of millions in fines and remediation costs and damaged its reputation significantly.
  • With the rise of digital-only banks and fintech platforms, cyberthreats have diversified. In 2022 several cryptocurrency platforms, a money transfer app, and even a password manager platform were breached.2 Millions of users were affected, and tens of millions of dollars lost.

These events underscore that, for financial services organizations, cyberthreats are not just theoretical. They are real, present, and evolving, and they can affect customer satisfaction. Repeated interruptions in service could lead to customer complaints and attrition.

Cybersecurity is a complex field, and it isn’t a one-time, set-it-and-forget-it initiative. Instead, it’s a continual battle of wits between defenders (IT and IS teams) and attackers (cybercriminals). For this battle to tilt in favor of the defenders, every stakeholder—from the top executive to the newest intern—must be equipped with knowledge about cybersecurity and why it matters.

Given their proximity to critical data and processes, financial services professionals can play a pivotal role in strengthening their organizations’ security posture. By understanding the cybersecurity landscape, they can better align their strategies with risk management practices, support profitability, and promote safety and trust.

Common Cybersecurity Terms Decoded

Navigating the intricate landscape of cybersecurity can seem daunting, especially when confronted with an array of unfamiliar terms. Decoding cybersecurity jargon can offer clarity and context particularly tailored for the financial sector.

Threat, Vulnerability, and Risk

  • Threat. A threat is an entity or event that has the potential to harm a system.
  • Vulnerability. A vulnerability is a weakness or gap in a system’s security measures.
  • Risk. A risk is the potential for loss or damage when a threat exploits a vulnerability.

To illustrate this concept more concretely, consider a real-world analogy: Think of an outdated physical security system at a bank as a vulnerability. As long as this vulnerability persists, the likelihood of a bank robbery (the threat) increases, posing a significant risk to the bank, both in terms of financial loss and reputational damage. In a similar vein, if a bank’s network infrastructure is outdated, the likelihood of a security breach (threat) rises, which, in turn, elevates the risk of financial loss and damage to the bank’s reputation. Moreover, this elevated risk can also result in the loss of valuable customers who prioritize the security of their financial assets.

Malware, Ransomware, and Phishing

  • Malware is malicious software designed to disrupt, damage, or gain unauthorized access to computer systems. In a financial context, malware is software that can secretly monitor transaction details or steal customer data.
  • Ransomware is a subset of malware that encrypts a victim’s files. Once installed, threat actors then demand a ransom from the victim to restore access. Financial services organizations are juicy targets because of the sensitive data they hold and their capacity to pay hefty sums to retrieve it.
  • Phishing is when a threat actor posing as a trustworthy entity tries to lure individuals into providing sensitive data via email, phone, or text message. Bank customers might receive an email urging them to click on a link and verify account details—only to discover they are the victim of a scam.

Security Culture

  • Security culture refers to the collective values, beliefs, attitudes, and behaviors within an organization or community regarding security and the protection of assets, information, and resources. It encompasses the organization’s approach to security, its commitment to maintaining a secure environment, and the way individuals and groups within the organization perceive and prioritize security-related matters.

Consistent training cultivates a culture where security becomes a shared responsibility, extending beyond IT or IS professionals. Informed and vigilant employees are less likely to fall prey to malicious links or suspicious attachments. Furthermore, it’s essential to recognize that employees often represent the weakest link in security. Instances of negligence, inattention, unintentional information sharing on social media, and even deliberate misconduct can all pose significant risks. Thus, nurturing a robust security culture is imperative in order to minimize vulnerabilities and reduce the likelihood of phishing, malware, and ransomware attacks.

Multifactor Authentication

  • Multifactor authentication (MFA) is an added layer of security to confirm identity and appropriate account access. First, users enter their usernames and passwords. Then, instead of immediately gaining access, they are required to provide another piece of information, which could be a code sent to their phone or a fingerprint. Even if threat actors steal one key (a password), they can’t access the contents without the second key (the unique code or fingerprint).

Because financial services professionals handle vast amounts of confidential data and large transactions, safeguarding this information is paramount. It’s imperative that only authorized personnel access these details. Unauthorized access to such data can have severe consequences, making the implementation of MFA an essential tool to deter unauthorized access and enhance security in the financial sector.

Firewall and Antivirus Software

  • Firewall. A firewall is a network security device or software designed to prevent unauthorized access to or from a private network. It monitors activity coming in and going out of the network.
  • Antivirus. Antivirus software is designed to detect, stop, and remove malicious software such as viruses. Antivirus software monitors the computers and devices it is installed on for suspicious files and activity.

Every online financial transaction passes through several layers of security. Making sure that security checkpoints such as firewalls and antivirus software are up-to-date can mean the difference between a successful transaction and a compromised one.

Encryption and Virtual Private Networks

  • Encryption converts information or data into a code to prevent unauthorized access. When financial data is encrypted, even if intercepted it appears as gibberish to unauthorized individuals. Encryption is akin to communicating in a secret language only the bank and its customers understand.
  • Virtual private networks (VPNs) allow users to create a secure connection to another network over the internet. For financial services professionals working remotely, a VPN acts like a secure tunnel that helps keep data shared between remote individuals and their organizations confidential.

With increasing online transactions and remote work arrangements, encryption and VPNs are critical tools in safeguarding sensitive financial data against prying eyes.

Incident Response and Disaster Recovery

  • Incident response is an established protocol that details the processes to follow when a breach or other security event occurs, including how to alert the authorities, preserve evidence, and communicate with stakeholders.
  • Disaster recovery. As a subset of incident response, disaster recovery focuses on restoring and maintaining business operations after a security event. In the same way an organization might respond to a physical event such as a flood or fire, disaster recovery in cybersecurity is a blueprint for restoring network operations, from assessing damage to retrieving backed-up data and making sure customers can access their funds.

Financial services professionals often serve as the first line of defense in recognizing irregularities that might signify a breach. Being well-versed in incident response can help them act swiftly and potentially contain the breach. Furthermore, understanding disaster recovery helps organizations restore normalcy and minimize disruptions to operations and customers.

Bridging the Communication Gap

Communication is the lifeblood of any successful organization. Yet, when it comes to the interplay between financial services professionals and IT and IS teams, language barriers often lead to misunderstandings.

Strategies for productive conversations:

  • Ask clarifying questions. If a term or concept is unfamiliar, always seek clarification. Remember, it’s better to ask than to assume and make potentially costly errors.
  • Stay updated. Set aside time to familiarize yourself with the latest cybersecurity trends and threats. This proactive approach can foster more insightful discussions with tech teams.
  • Regular check-ins. Schedule periodic touchpoints with IT and IS teams to discuss concerns, updates, and potential improvements in cybersecurity infrastructure.

Questions professionals can ask their IT and IS teams:

  • How frequently do we conduct security assessments?
  • Are there any recent vulnerabilities we should be aware of?
  • How can we, as compliance and risk professionals, better support the organization’s cybersecurity initiative?

How to Create a Success Story

When there is a breach, the IT department will enhance protocols, train employees, and hold workshops to educate customers. The first priority, containing the breach to prevent further damage, is usually handled by the IT department.

Then, depending on the severity and nature of the breach, the relevant parties should be notified promptly. But what should compliance and risk do?

  • Employee training. Mandatory security awareness training should be rolled out for all departments.
  • Enhanced protocols. With close collaboration of the IT department, new security protocols should be implemented, including MFA and real-time transaction monitoring.
  • Customer outreach. Banks should be transparent with their customers and reach them in a timely manner with relevant information.

However, before a cyber event ever happens, Compliance and Risk departments at every bank should have a structured incident response plan to manage a cyber breach event and mitigate potential risks. This plan should include assessment and investigation, data preservation, customer communication, mitigation, and documentation. (For more information see Banks Face New 36-Hour Cyber Incidence Reporting in the September—October 2022 issue and Five Ways for Compliance to Mitigate Cryptocurrency Risks in the November—December 2021 issue.)

Cybersecurity transcends mere technicality; it’s an indispensable facet of today’s financial landscape. As professionals decode and understand this realm, they can better safeguard their organizations and contribute to building a secure financial future for all stakeholders.

Endnotes:
1. https://archive.nytimes.com/dealbook.nytimes.com/2014/10/02/jpmorgan-discovers-further-cyber-security-issues/?_r=0
2. https://archive.nytimes.com/dealbook.nytimes.com/2014/10/02/jpmorgan-discovers-further-cyber-security-issues/?_r=0

David R. McKnight
Principal, Financial Services Consulting