Top of the Agenda in Tough TimesMain Areas of Concern for Banking Institutions in a Struggling Economy We recently spoke with Kent Anderson, who has more than 22 years of experience in security and is CEO and Managing Director of Encurve, LLC; an information security consulting company based in Portland, Oregon. Anderson routinely interacts and advises senior executives at banks and other organizations on informed security risk strategies and practices, law enforcements, sound security policies and program implementation. Here he stresses few areas of immediate concern for the financial institutions in the down economy.
Areas of Immediate Concern Are:
- Upcoming and quick Increase in mergers within the banking industry, which fairly disrupts the security program and effective security functioning and monitoring activities at these institutions, thereby subjecting them to increased vulnerabilities and fraud.
- Consolidation of resources within the industry, which results in employee layoffs, lack of resources in terms of inadequate funds, people.
- Increase in employee dissatisfaction, leading to increased internal threats and fraudulent activities.
- Long term increase in regulations across the board within the banking industry, which will certainly have major security implications. Any banking regulation will have more security components, and fear is that these regulations may pass very quickly without much foresight and have tremendous impact on banks and other financial institutions. Immediate regulatory action is likely in expansion of Sarbanes Oxley (SOX) type of regulation and more laws governing customer privacy and information. Mortgage lending is another area which is likely to see changes and laws governing the lending policy.
What should banks focus on?
- At these crucial times banks must keep their business and strategic focus to enable businesses to move forward and not utilize their energies in fire fighting tactical operations and creation of new technology, maintains Anderson.
- "Security professionals will need to work diligently to effectively monitor criminal and fraudulent activities, which is definitely going to increase as the economy slides down," Anderson says.
- Focus needs to be reestablished on asset-based risk management practices- What are the priorities of assets and how they play in business -- what do we need to protect? And how do we protect it?
- A well-crafted security awareness program directed not just on the user but on IT security practitioners and executive level officers is much required so that they understand the risks of the business, its impact and establish effective programs and policies to mitigate these risks.
- Every bank and financial institution will need to adopt a systematic security business model that will focus in filling in the gap in today's security industry and in identifying and maintaining strategic security needs of its businesses.