Last week, American Banker hosted its brand new conference, Cybersec 2016 in Midtown Manhattan. Penny Crosman (@pennycrosman), Editor at Large, American Banker, did a great job as chair of the event and brought together thoughtful presenters and panelists. There were great insights from leaders in the industry from BBVA, Bank of the West, USAA, Mastercard, U.S. Bank, and many others. It was a fantastic day of information sharing - exactly what we need more of within the Financial Services Industry.
Here are three key themes I heard throughout the day:
1. Financial Services Institutions Security Budgets Continue to Rise
According to a recent American Banker CISO survey, more than half of bank's security budgets have been increased for 2016, just fewer than 40% report keeping their budgets the same and, only 5% report a decrease in spending. What's driving this increase? The reasons are many - not in the least are pressures from regulators but, right behind are concerns over protecting infrastructure from hackers, phishing, malware and DDoS attacks. Also, in response to increased concerns over mobile banking security, the survey indicates an increase in spend specifically on mobile.
According to a recent Gartner study, spending of information security world-wide in 2015 was $77Bn, and some sources indicate that cyber crime costs will reach $2 Trillion by 2019. Given this landscape, we must improve our ability to come together and share threat intelligence.
2. The Importance of Threat Intelligence Sharing
Jason Witty, Executive Vice-President and Chief Information Security Officer, U.S. Bank, gave an insightful and informative keynote. Jason is also a Board Member of the Financial Services Information Sharing and Analysis Center (FS-ISAC) - which shows his commitment to threat intelligence sharing and his strong belief in the great work the FS-ISAC is doing.
We are living in an unprecedented threat environment. Given this climate and financial institutions' reliance on digital infrastructure - now, more than ever, threat intelligence feeds should be at the forefront of all functional requirements, in order to ensure operational resiliency. Financial institutions of all sizes should consider joining a threat intelligence information sharing service, such as FS-ISAC. FS-ISAC has affiliations with the Clearing House and Exchange Forum, Payments Risk Council, Payments Processor Information Sharing Council, Business Resilience Committee, Threat Intelligence Committee, Insurance Risk Council, Compliance and Audit Council, Asset Manager Council, Broker-Dealer Council. Akamai is proud to be an affiliate member and we look forward to seeing you at the 2016 FS-ISAC Fall Summit.
3. We Must Continue to Build Trust Through Innovation
According to the Edelman Trust Barometer, when a company is trusted, 51% of people will believe positive information after hearing it 1-2 times. Financial institutions have known for a long time that trust is single most important factor for success. They must have the trust of individuals, regulators, and the entire ecosystem. The good news is, that financial institutions today have a unique opportunity to provide differentiate value by evolving their security posture beyond simply protecting the institutions assets to one that is focused on enabling trust in the new digital environment. Security professionals within financial institutions can contribute to the digital transformation while maintaining adequate risk levels by providing comfortable security experiences.
By bringing security into every business discussion, the opportunities for innovations in security and authentication are limitless - and those innovations are sure to bring about the balance between security and convenience that our customers demand.
Thank you to American Banker and to all the great speakers for an incredible day of information sharing.