Helping our members with cyber threats
First, a big thank you to everyone I’ve met in the three months I’ve been your vice president of information technology and security at TBA. The phone calls, emails and handshakes welcoming me to TBA have been incredible, and I’m honored to be a part of your great association.
I began my career in information security a little over 25 years ago as a network security engineer with MCI. That doesn’t seem that long ago but, over the years, I’ve watched the sophistication, impact and scale of cyber-attacks grow exponentially, from the nuisance attacks with computer worms and viruses in the early 1990s to the large-scale data breaches that we continue to see almost daily.
Since MCI, I’ve held several roles in security, from healthcare and higher education to the last seven years I worked in financial services. Although my experience has been in different industries, they all feel the same pressures and increased scrutiny to ensure our organizations meet the cybersecurity challenges head-on.
In late May, we launched the TBA Cybersecurity Benchmarking Initiative for the benefit of our member banks. To our knowledge, it’s the first-of-its-kind, comprehensive study on the cyber posture of banks across the state.
In meetings with bank leaders and technology staff, CEO Chris Furlow has repeatedly been asked the same question: How does our bank’s cyber maturity and readiness compare to our peers? The benchmarking survey will allow your bank to assess its maturity to other banks of your charter type and asset size. Further, the anonymized data will help TBA understand how we focus on programs that help our member banks constantly improve their cybersecurity and resilience.
As a participating bank, you will receive:
- An online dashboard that highlights your bank’s FFIEC CAT results in multiple ways as compared to other banks of similar asset size and charter;
- An online report showing a unique, prioritized action plan based on your bank’s FFIEC CAT results and alignment with key standards such as the NIST Cybersecurity Framework; and
- An opportunity to view your FFIEC CAT data in the online platform for 30 days.
The greater the bank participation, the richer the data will be. I’m encouraged by the support and participation we’ve received thus far. If your bank has not yet participated, it’s not too late. It’s free, easy and secure. Contact me at [email protected] to participate. We hope to have this survey wrapped up no later than early August.
Another big cyber initiative we are launching in the very near future is our threat intelligence platform pilot program. We’ve chosen a market leader in threat intelligence to help our banks build a true information sharing platform.
In years past, the problem was lack of information for cybersecurity professionals. But with the onslaught of data feeds, a problem today is huge volume and determining what is relevant, timely and actionable. In the short time I’ve been a part of TBA, I’ve been encouraged by the fact that we already have several Texas bankers forming local and regional peer networks where they share information on cybersecurity and physical threats. Our objective with the TBA information sharing pilot is to create a platform to allow our banks to be more proactive and less reactive in combating cyber-attacks and cybercrime.
Funded and supported by TBA, we are seeking to develop many benefits for our members.
- Threat intelligence sharing of timely, actionable and relevant threat intelligence among our members.
- A centralized intelligence platform that aggregates and normalizes member threat intel into one, easy-to-use platform.
- Enrichment and enhancement for security investigations with high fidelity member intel.
Quite simply, we feel this will be not only be an invaluable tool for our bankers, but a platform that our bankers will be proud to own.