Solve the Cybersecurity Riddle to Drive Deeper Engagement
Your financial institution strives for balance every day between competing consumer expectations: People want security in their banking whenever and however they choose to do it, but they don't want it to diminish the speed and convenience they expect in a digital world.
It's a complex riddle that grows more difficult to solve with each passing day. You face constantly evolving threats at nearly every digital touchpoint, whether through online, mobile or tablets. Yet consumers rely on their institutions to detect and stop those threats in real-time while maintaining a seamless, positive user experience.
That means striking a balance between having strong protections from top to bottom and minimizing friction for consumers. The Point talked to John Horn, director of SecureNow cybersecurity services for the Digital Banking Group at Fiserv, for analysis of the security challenges financial institutions like yours face and sound strategies that can drive deeper engagement.
What keeps senior financial leaders up at night?
Brand risk and the complexity of their security challenges keep them up at night. Cyberattacks are complex, and the solutions to protect yourself from those attacks are complex and expensive. There's no silver bullet.
No single strategy or partnership is effective for everyone. Financial institutions must assess their specific risks and what the institutions are good at delivering.
Regulations make it even more complex. And there's complexity in explaining the problems, solutions and expenses to the financial institution's board. Really, there's complexity in every room you look into, and it's there for big and small, new and old financial institutions.
Don't underestimate the brand risk of a breach event. Those risks are beginning to be quantified.
Where is the most risk for financial institutions, and how can they keep up with new emerging threats?
Risk varies by financial institution depending on the services they provide and the solutions they have in place. Risk comes from so many different places, but where the institution is most vulnerable depends on multiple factors, all tied to the individual institution.
It can be difficult for institutions to keep up. For example, stolen credentials in the market have reached a commodity level on the dark web. People can pay just $1,200 for an identity theft toolkit to start a cyberattack business. These are creative, financed people who keep coming up with different attacks. And they're aided when consumers are duped into giving up their credentials.
So how do you keep up? The best way is to understand your risks and have a cybersecurity strategy in place.
From both a customer experience and management standpoint, how important is integration to financial security?
Digital security and the digital experience are very much intertwined. Traditionally, financial institutions had to choose between the two, getting one without the other. Most consumers, though, prefer security without the friction, and that entwined approach adds to the complexity for financial institutions.
That complexity is enhanced by what often is a siloed approach within financial institutions, whether it's payments, fraud prevention or audits, to name a few. There are benefits to creating a cohesive strategy across multiple teams within the institution, to have an integrated approach across the business to defend against threats.
As security gets more complex, how is fraud prevention evolving? How do security vendors and institutions partner? And is outsourcing everything an option?
The market investment in security and fraud prevention is skyrocketing. In fact, security and fraud protection have reached places they've never reached before. They're now part of the national lexicon.
A partnership is about providing financial institutions the services they need. Security vendors and financial institutions are re-examining their partnerships because the expectations of institutions are growing toward full-business security.
No single strategy or partnership is effective for everyone. Financial institutions must assess their specific risks and what the institutions are good at delivering. Many don't have the personnel or the experience in, for instance, fraud analytics. So outsourcing decisions revolve mostly around the institution determining what its internal capabilities are. If there are areas where those capabilities are lacking, outsourcing is probably an option they should consider.