Businesses leaders across the nation have begun to have the conversation about returning to work. For BankOnIT, business has not slowed and work continued, but safety and well-being were a top priority.

BankOnIT provides IT technology ranging from internet services and network hosting to continuous security. Designed exclusively for the banking industry, nearly 200 people work to provide 24/7/365 support of the systems and client bankers that utilize BankOnIT’s services.   

Stories of surprising supply-chain vulnerabilities exposed by the COVID-19 pandemic are becoming all too familiar. First it was medical supplies – equipment, PPE and swabs. Then it was pharmaceuticals.    

Less well known are supply-chain vulnerabilities that are hidden from view. Unseen suppliers behind a visible firm are a critical link that can break the chain.

Exposure to supply-chain disruptions for financial institutions is different, but very real. For FI leaders, it’s their services supply chain that demands attention.

The Federal Bureau of Investigation (FBI) issued an alert this week regarding Business Email Compromise (BEC) attacks. Opportunistic cyber attackers are using the disruption surrounding COVID-19 to perform these and other types of attacks. 

BankOnIT’s client financial institutions from Vermont to California have 15 times more bankers with remote-working capabilities than a month ago. Most of that happened one week in mid-March when we had a hockey-stick spike in requests for work-from-home (WFH) capabilities. 

One of the things we do is help make those remote-working connections seamless and secure, specifically meeting financial-institution needs.  

Plan for COVID-20, 21, 22…

Dr. Anthony Fauci, head of the National Institute of Allergy and Infectious Diseases, stated about COVID-19, “I know we’ll be successful in putting this down now, but we really need to be prepared for another cycle.” Fauci cautioned that Americans need to be prepared for the possibility that COVID-19 could become a seasonal disease.

Consider needs your institution will have for future cycles of this virus.  

2020 will be like 2019 – More Threats and Greater Risk than Before

The risks banks face today from cyber threats are greater than at any time in the past, and these risks are growing. The first 6 months of 2019 reflected a 54% increase in data breaches over the same period in 2018.* 

Nation states, terrorist organizations and organized crime have all moved online and have a varying degree of cyber warfare capabilities at their disposal. Nation states and their proxies seeking to use cyberattacks is a real threat as we start 2020. 

Recently, a number of fraudulent emails were sent to BSA officers at banks and credit unions across the country. The fraudulent email looked like it was sent by a BSA officer at a credit union, asking the recipient for help with a money laundering issue involving a mutual customer; however, the email was actually sent by an attacker.

Your business customers are a prime target for cyber criminals. If their operations are crippled due to ransomware or some other type of cyber attack, this will significantly impact their ability to repay your loan.

An article from The Wall Street Journal illustrates a major disadvantage that employers face: The demand for IT professionals is greater than the supply of qualified people. Today, more Chief Information Officers are not sticking around.

A board’s primary responsibility is to manage risk of all types in the bank, including information security risk. Carrying out good risk management also helps the director to avoid personal liability.

To perform top-level oversight and monitoring of information security as regulators require, the board needs accurate and high-quality information. There are several ways to think about what kinds of IT information the board should receive, and how much: