In a report released July 5, the Government Accountability Office states that threats of hacks are becoming more frequent and more sophisticated, and estimates that banks and other financial institutions have already incurred “hundreds of millions of dollars in losses.”
The report makes a series of recommendations for how banks and financial regulators may improve on cyber security, pointing first to the failure of many institutions to make data security a priority until after an incident has occurred. The report first proposes that bank regulators be granted the authority to examine the third-party vendors that many credit unions use for technology services. It also warns that the increasingly popular mobile banking apps must be made more secure, and that regulators should employ more IT specialists to examine small and medium-sized institutions.
Most importantly, banks must be more open to sharing information on threats. The information-sharing process remains fairly slow, and reports often lack details.
The report states, “Data breaches and security incidents require rapid response to mitigate impact; therefore, effective preparation or responses require timely and usable information.”