Ocean Bank’s Sergio Pinon on Cybersecurity: “Number One Protection Is Employee Training”
Hackers have become more professional and expert in breaking barriers established via traditional security measures. Increasing digitization and connectivity has triggered an increase in incidents of data breaches, compelling banks to strengthen their security systems.
Sergio Pinon, SVP& Director of Security of Ocean Bank, believes Financial and Government sector are the most targeted industries by hackers. In his words, for the Financial Industry “This has become the biggest threat for the past two years and growing”. Sergio believes number two is conducting periodic risk assessments of different types, but number one protection is employee training. Conduct regularly security chats with the customers on Cybersecurity is also something he suggests.
Sergio Pinon will be moderating the session “Cyber Security Trends” to be held in CL@B 2017, the 17th Financial Technology and Innovation Conference, organized by Florida International Bankers Association (FIBA) and Latin American Banking Federation (FELABAN) in Miami between August 30th and September 1st.
What industries are the main targets of hackers?
Financial and Government sector.
How big is the thread of a cyberatack to the Financial Services industry?
This has become the biggest threat for the past two years and growing. The financial impact is over 2 billion dollars a year. Average cost of a breach is around 4.5 million dollars depending on the size of the institution and system or data compromised.
How do Financial Services firms protect themselves?
Number one is employee training due to the vast amount of breaches as a result of email malware, Number two conducting periodic risk assessments of different types such as External Penetration Tests, Internal Vulnerability Assessment, GLBA Risk Assessments, Cybersecurity Risk Assessments, monitoring system log activity on a 24 X 7 timeframe, and staying informed of vulnerabilities.
What is the investment in cybersecurity devoted to?
Training, expert hiring, governance and tools to identify, prevent, detect and respond to a threat.
What is the goal of a cyberatack? What do criminals look for?
Mainly for financial gain and stopping operations.
Do clients show their concern on it?
Absolutely and it could create a reputational risk as far as losing customer base if the institution suffers a breach.
How does a firm show clients it is ready for a cyberattack?
By asking their Security Experts to speak to those who are concern and also conduct regularly security chats with the customers on Cybersecurity.
How do clients accept the new security procedures that usually turn operations more complicated when part of their requests are simplicity, easiness and a good client experience?
If well explained, usually very positive. Again it leads to employee training to know how to deal with customer concerns and provide a very positive explanation on the matter.