The Risk Management Associate released several papers and webinars on cyber security. Cyber threats continue to target vulnerabilities in bank and third-party systems. Depending on their objectives, malicious actors may seek to expose or obtain large quantities of personally identifiable information and intellectual property, facilitate misappropriation of funds and data, corrupt information, and disrupt business activities.
Failure to maintain proper cybersecurity controls, both internally and for third-party service providers, can lead to material adverse impacts on a bank or systemic risk. Banks are generally responding well to common cyber events, but malicious actors continue to improve their tools and tactics, requiring banks to continually reassess and validate their cybersecurity controls.
Cyber attacks can have serious consequences for institutions, including:
- Reduced availability or diminished response times of online banking services;
- Identity theft;
- Fraud;
- Theft of proprietary information;
- Loss of customers/loss of revenue;
- Costs to remediate;
- Legal fees, judgments, fines/penalties;
- Increased regulatory scrutiny; and
- Loss of reputation