I studied the trends in cybersecurity in the banking industry and presented this PowerPoint to my University Studies class at University of Maryland University College.
Essential Grammar in Use 4th Edition by R. Murphy.pdf
Cybersecurity trends in the banking industry
1.
2.
3.
4.
5. United States is one of the last
countries to implement the chip-and-pin
technology
October 1, 2015– Fraud Liability Shift
Will reduce card-present fraud
According to the Toledo Business
Journal, a credit union in Ohio incurred
over $100,000 in fraud losses due to
card compromises (Toledo Business
Journal, 2015).
6. • The implementation of EMV cards is going to change
the banking industry who holds the liability.
• Policy changes by MasterCard, American Express,
and Visa will protect from certain liability.
– Example: A bank issues EMV cards to customers, but the
merchant fails to adopt the chip-and-pin technology, then
merchant will face the liability in the event of a data
breach.
7. • Training is crucial when it comes to
training employees and could reduce
likelihood of accidental breaches
• One study showed that 78% IT
personnel indicated they have
experienced a data breach in result of
employee negligence (Abawajy, 2014).
• Training and awareness is the most
cost-effective form of security control!
8. • Many companies are
implementing
cybersecurity awareness
programs
• By increasing awareness,
the outcome of a security
breach may decrease
• Employees are frontline
defense against these
cyber criminals (ABA Banking
Journal, 2014)
• Employee negligence could
cost financial institutions
major loss and liabilities, and
affecting the reputation of
institutions.
• Many banks and credit unions
are starting to use the FFIEC
Cybersecurity Assessment
Tool (Released June 30,2015)
9. • Identity theft
– As EMV cards are deployed, it
should reduce card-present fraud;
BUT card-not-present fraud could
increase along with identity theft.
– Financial institutions are educating
their members with newsletters,
pamphlets, and on the company’s
websites.
– Some companies will likely start
implementing methods to
authenticate callers to prevent
phone “spoofing” (ABA Banking
Journal, 2014).
10. EMV cards
– Today, 100% of fraud liability is on the
card issuer
– Companies are trying to determine if the
cost of the technology is going to
outweigh the benefits
– Less than one quarter of retailers are
EMV compliant
– Numerous companies need to upgrade
their systems, but many say it’s
unnecessary.
– Companies are reluctant on upgrading
their POS systems due to how expensive
it is
11. • Training & Awareness-
– Many companies are starting to
employ phishing awareness
assessments amongst employees
– FFIEC and NIST took the steps to
increase awareness in the U.S. and
assist companies in calculating their
inherent risk profile (Stechyshyn, 2015).
– For those companies that do not have
a cybersecurity strategy in place, this
tool will guide them in developing
one.
– Institutions and other businesses are
already using this free resource
12. Conclusion
• These trends are not going away anytime soon
• Education is key!
• EMV cards are going to become the new
standard. By 2016, an estimated 500 million
EMV cards will be active in the U.S.
• Employees are the frontline defense against
these threat actors. Training is imperative!
13. • Abawajy, J. (2014). User Preference of Cyber Security Awareness Delivery Methods. Behavior
& Information Technology, 33(3), 236-247.
• Lazette, M. (2014). Credit union puts chips on fraud protection. Crain's Cleveland Business,
35(4), 5. Retrieved from
http://ezproxy.umuc.edu/login?url=http://search.proquest.com.ezproxy.umuc.edu/docview/1
494489918?accountid=14580
• Retailer cyber security harming area financial institutions. (2015). Toledo Business Journal,
31(6), 25. Retrieved from
http://ezproxy.umuc.edu/login?url=http://search.proquest.com.ezproxy.umuc.edu/docview/1
698149300?accountid=14580
• Sauer, C. (2014). Data Security: How Much Will EMV Help?. Credit Union Magazine, 80(7), 26.
• Working Together to Protect Against Identity Theft. (2014). ABA Banking Journal, 106(9),29-48
• Stechyshyn, A. (2015). Security vulnerabilities in financial institutions (Order No. 1586590).
Available from ProQuest Dissertations & Theses Global: Science & Technology. (1677223944).
Retrieved from
http://ezproxy.umuc.edu/login?url=http://search.proquest.com.ezproxy.umuc.edu/docview/1
677223944?accountid=14580