Research published by PwC and the Centre for the Study of Financial Innovation (CSFI) found an unusual trend in bank threats related to the financial industry. The director of CSFI, Andrew Hilton, said that “[his] guess is that, for many respondents, ‘criminality’ and ‘technology risk’ overlapped – which would make cyber risk an even more pressing concern than this year’s report suggests it is.” And with social media making the largest move on the Banana Skins list, it’s safe to say that there are significant overlaps when dealing with technology and the risks associated with social networks. After reading the report, the three newest members (social media, technology risk and criminality) to the list of trending bank threats are all very closely related.
Figure 1. Risers and fallers from Banking Banana Skins bank threats Report
Compared to last year’s list, the biggest increase in priority were in ‘criminality’ and ‘social media.’ The CSFI defines criminality as “the risks to banks in areas such as money laundering, tax evasion and cyber attack.” While describing social media as “the risk that a bank’s brand could be harmed by social media.” As one banking consultant so wisely said, “Harm is just one tweet away.”
Social media’s rise as a major risk is attributed to a number of reasons. First, the ability for banks to maintain their brand reputation is very difficult given social media’s “light speed and unprecedented reach.” This lack of predictability and accountability make social media more feared for its potential risk, not necessarily for what has already occurred. One thing that makes social media risks such a concern for banking professionals is “at times it is difficult for banks to respond to criticism due to privacy or competitive concerns.” Making for a difficult situation to try and correct in a manner that is appropriate for all parties.
While the report covers a number of additional areas in which banking professionals are fearful of coming changes, social media, criminality and technology risk are areas that have significantly grown since their last Banking Banana Skins report. With each of these concerns becoming more difficult to control as they are continually ignored by institutions, it is a relief to hear that these areas are finally coming into the spotlight as major areas bank threats that can not be ignored any longer.
Here at ZeroFOX, we understand social media, but more importantly (we know cyber security) we had the foresight in recognizing the potential security risks that social media would pose to businesses. The Banking Banana Skins 2015 report does a great job of helping paint the risk landscape as it pertains to banking professionals, and financial institutions. While “social media should keep institutions on their toes and act as an early warning system rather than a threat,” the likelihood of a detrimental post, tweet, or account hack is a reality of this day and age.
Spear phishing to obtain a CEO’s admin access, customer fraud & scams tricking loyal customers into giving out their personally identifiable information, or maybe it is just another “run of the mill” account takeover. Regardless of the social media use case, you better believe that situations like these, and others, are happening every day. And that’s just what we know about. With social media coming online just a decade ago, there is no next step for security experts to follow as they work to continuously monitor and protect you on the social networks.
Read the full report here: Banking Banana Skins 2015.