Alvin Mills

Alvin Mills
VP of Information, Technology & Security

Strong cyber banks, stronger cyber communities

Cyber Front Cloud A survey conducted by The Harris Poll found that an overwhelming majority of consumers (92%) have concerns about the security of their personal, confidential online data. Cyber-attacks have become more sophisticated and cybercriminals continue to develop clever ways to breach networks. A breach can lead to online fraud, identity theft and corporate takeover. Fraud committed against bank accounts is a growing threat and cybercriminals can drain funds from a bank account in minutes.

I reluctantly use the words clever and sophisticated to describe these cybercriminals. They prey on human weakness. They can go to the dark web and purchase various hacking tools and scripts, which are pre-packaged and ready to detonate. Nothing clever about that; they just need some bitcoin and an uninformed victim.

Financial institutions are doing a much better job of training their personnel against cybercrime — but what about their customers? We have a unique opportunity to not only build stronger relationships through customer education, but to also enhance our own anti-fraud efforts by providing accurate, easy-to-use advice that helps customers protect themselves in the event of a security incident.

Compromised financial data represents one of the most threatening issues for financial institutions and consumers alike, so it comes as welcome news that consumers are interested in receiving education from their banks.

Earlier this year, TBA and the Texas Department of Banking produced a double-sided handout that provides “8 Tips for Banking Online Safely” and “8 Tips to be More Cybersecure.” The handouts, available in English and Spanish, are perfect for statement stuffers or to be distributed in lobbies. They were created for customers to keep near their computers when conducting online transactions. To date, we’ve printed and shipped well over 100,000 copies.

But we can and should do more to help our customers and communities. Many Texas banks have embraced this and are doing great things in their local communities. I’m excited to showcase a couple of bankers that have taken this to another level.

Teri Petrzelka, vice president and information security officer with Central Bank in Houston, shared with me what her bank does to educate their employees, board members and customers:

  • Send frequent educational emails to staff and encourage them to share with family and friends (If information is sharable).
  • Keep website updated with the latest scams and tips to counteract them.
  • Share information with other financial institutions on vulnerabilities, scams and fraud.
  • Tech Talks — Meet with other bankers to learn how they handle particular issues.
  • Offer customer cyber security training.

Tim Leonard, far left in the photo, was instrumental in partnering with The Pwn School Project, which educates IT professionals in ethical hacking.“We have been educating customers for many years by including the latest information on security, cyber and fraud scams on our website,” Petrzelka added. “Beginning in 2014, we hosted our first Cyber Security Customer Training. In the beginning, we started with lunch and after-hours training sessions. After the first year, we learned lunch sessions work best. We offered this training to our high risk/high balance commercial customers. Let’s face it, if they secure their systems, there will be less chance of one of their systems getting hacked and causing financial loss through us.”

Deep East Texas Security (DETSEC) was formed in 2017 by Tim Leonard of Commercial Bank of Texas in Nacogdoches. DETSEC’s purpose is to promote networking among the public and IT professionals across many different industries. Living and working in rural Texas makes it hard for many IT workers to attend meetups and conferences. If a person is fortunate enough to go to a conference, it is often industry-specific and there is not a platform for sharing.

One of DETSEC’s missions is to bring conference-level security presentations and information to small-town professionals. DETSEC is not a financial institution fraud group; it is public InfoSec meet up with a significant focus on computer security and privacy.

There is no certification requirement or annual dues to be a DETSEC member. The membership has grown quickly to more than 170 and includes IT staff from banks, hospitals, local government, schools and private businesses as well as students and citizens. The group meets once a month to discuss current cybersecurity topics.

These are a couple of great examples of how our bankers are stepping up to the plate and helping customers and communities be more cyber aware and cyber resilient.

[email protected]