At the Crossroads with Banking Security
Needless to say, the banking industry has weathered some heavy criticism from its business customers about how financial institutions aren't backing up their security talk with real protections..
The numbers continue to rise as businesses' online banking accounts suffer not just from fraud losses, but from what I've already described as "The Perfect Storm" of public opinion that their institutions aren't doing enough to protect them from these cyber criminals who have looted their accounts.
Business leaders intend to approach their banking institutions directly and ask the pointed question: Will you stand behind your security?
The call for action has been heard, as banking and industry associations have poured money and manpower to develop education programs and find technology solutions that will help stop this flood of attacks.
I just hope this all won't be met with indifference by the banking community.
As the FS-ISAC, the American Bankers Association and NACHA work to develop some real "hands-on" solutions for institutions to use and educate their staff and business customers, we're all faced with the reality that the industry is at a crossroads of security.
We've known that online banking, when done right, has brought our institutions more customers, bigger cost savings and real advancement in how we interacting with our customers. The tradeoff, as security experts have pointed out multiple times, is while we give customers the immediacy of being able to do a transaction, some institutions have taken a shortcut to offer that ability. Hence, the crossroads at which we find ourselves.
So, do we take security -- especially online banking security -- seriously now? Or will we see business customers begin an exodus to those institutions that offer a security pledge to back up their fraud and security controls? The answers may well be influenced by a legislative solution, as lawmakers in Washington, D.C. are being approached with legislative proposals aimed to force the industry to offer improved security.
Further, there is a grassroots movement being readied to launch by a group of small businesses already hit by corporate account takeover. These business leaders intend to approach their banking institutions directly and ask the pointed question: Will you stand behind your security and fraud controls if my account is defrauded by cyber criminals?
What is your answer going to be?