15 October 2015
Op risk experts question banks' cyber strategy
By Steve Marlin
As October is a designated National Cyber Security Awareness Month in the U.S., Risk.net runs a feature story on banks’ cyber strategy. Speaking with experts from the field, the article explores various aspects of operational risks in financial institutions, from flawed technology and malicious acts to human error, the latter often being the most common reason for failing to protect data security. While many firms spend millions of dollars on front end security, the highest risk is often attributed not to a potential threat to a ophisticated system, but to the “weaknesses in internal controls,” such as open emails, mistakenly sent files and unlocked computers left unattended.
“Alexei Miller, managing director at DataArt, says: "The funny thing is those headline-making incidents are most often caused by some mundane operational lapses. The general public would be amused to know how much of a cyber criminal's success is driven not by some ingenious technical ninja tricks, but rather by exploiting simple human vulnerabilities.”