“Cybercrime is relentless, undiminished, and unlikely to stop.” This dire statement from the 2018 McAfee Economic Impact of Cybercrime report cannot be ignored. The study, conducted in association with the Center for Strategic and International Studies (CSIS), estimates that cybercrime now costs the global economy approximately $600 billion.
Financial regulators are worried about this reality and the danger it poses to the safety and soundness of the financial system. Even though institutions have long perfected the art of securing physical cash, they are not nearly as expert at protecting their information and data.
As a result, examiners want proof that financial institutions are closing that security gap, and for them, the proof lies in the existence and efficacy of information technology (IT) policies. Given the high stakes for their organizations, institutional boards should be pressing for the same proof.
Examiner Expected IT Policies
According to ITSP Magazine, “financial services firms fall victim to cybersecurity attacks 300 times more frequently than businesses in other industries.” Its research also shows that they pay more per breached record than other businesses—$336 versus $225. This explains why federal regulators are increasing their focus on IT policies.
continue reading »