Banks are waging unrelenting cyberwar
The cyberthreats that Heartland BancCorp faces on a daily basis are relentless.
Every day, the bank gets 10,000 to 12,000 emails, 75 percent of which are junk and include malware and other cyberthreats to the bank’s computer system that could be costly to the Gahannabased bank should they be successful.
“The sheer volume is what causes systems to a lot of times overload with data,” CEO G. Scott McComb said of the email.
Staff members have to know what’s safe to open and what could be problematic.
“You have to have strong policies in places” to combat what he calls “an ongoing battle.”
A report released last week by United Kingdom research and consulting company Ovum documents the degree to which financial institutions are being overwhelmed by cyberthreats.
The survey of bank security chiefs across North America, Europe and Asia found that a third of the institutions deal with more than 200,000 threats a day. It is so bad that
73 percent say they are now running more than 25 cybersecurity tools, and 9 percent are using more than 100.
The most common threats are attempts to gain access to customer accounts, he said. Others seek to damage computer systems, McComb said.
There are so many threats, it’s difficult for banks to sort the critical threats from those that aren’t.
“Each new malware or attack style throws up a new challenge that can only be addressed by deploying yet another new security tool,” the report said. “However, the resulting complexity is itself a security risk, as security ... teams spend their time patching holes, racing against time to close security gaps. Security silos also raise the potential of cybercriminals locating a weak point in the infrastructure they can use to infiltrate an enterprise.”
The result is too much for banks to cope with, even at banks with large security teams, Rich Baich, chief information security officer at Wells Fargo, told American Banker, a trade publication, last week. Adding more people isn’t the solution, he said.
“Volumes of alerts will continue to climb until organizations implement the appropriate technology and overlay them with operational innovations that allow the organization to rapidly sift through the mountains of data to find the actionable alerts,” he said.
No organization can do the necessary analysis on 200,000 threats a day, Raj Samani, chief technology officer of security software firm McAfee, told American Banker.
“It’s far too much to deal with in a practical fashion. A number of these events will simply be ignored,” he said.
The report suggests that banks need to automate the threat-collection process so alerts can be grouped by the events they relate to and security analysts can quickly scan these groups to prioritize the most critical issues.
“The alert overload situation is bad enough in itself, but the problem is compounded by the fact that the majority of these alerts are not unique,” the report. “Nearly half of those surveyed said that only one in five alerts is unique.”
The cost to keep Heartland out of danger is high and growing, McComb said.
Heartland spends about $200,000 a year on security monitoring, he said. That includes costs for staff, consultants and computer software.
The cost for smaller banks is one reason these banks are deciding to put themselves up for sale, said James Thurston, spokesman for the Ohio Bankers League.
“They key is to have monitoring systems in place that can report these kinds of things,” he said. “This can be an expensive thing.”