
Heed the warning: geopolitical tensions mean more cyber risk and regulatory oversight for financial institutions

  • Manish Chopra

    Former Global Risk and Compliance Leader

  • Jeffrey Ingber

    Anti-financial crime practice leader




Malware. Social engineering. Denial of service. In recent years, these and other harmful cyber attacks against American financial institutions have increased in frequency and severity. The result? Many bank CEOs now identify cybercrime as their No. 1 concern. These attacks take computing prowess. So, more and more often, they are backed by players with copious amounts of capital. And they involve the use of artificial intelligence (AI) tools to quickly crack passwords and breach other security measures. If your bank doesn't have sufficient real-time monitoring, comprehensive breach notifications and alerts, and sophisticated vulnerability assessment capabilities, it is among those most at risk.

Earlier this month, the Department of Homeland Security's dedicated cyber advisory unit, the Cybersecurity and Infrastructure Security Agency, issued a warning regarding the intensified threat of a cyber attack amid increasing geopolitical tensions. In the wake of this warning, America's financial regulatory heavyweights doubled down on the critical importance of prioritizing cybersecurity preparedness and resiliency in the financial services industry.

Specifically, last week, the Office of the Comptroller of the Currency (OCC) and Federal Deposit Insurance Corporation (FDIC) issued a joint statement on heightened cybersecurity risk. In the bulletin, the OCC and FDIC reminded banks to use sound risk management principles and risk mitigation techniques to reduce the risk of cyber attack and minimize the negative impacts of a successful attack. The statement covered response, resilience, and recovery capabilities, system configuration, authentication, and examples of strong IT risk management practices and controls.

The regulators advise banks and financial institutions to:

  • Ensure sufficient mirroring and data replication capabilities to back up production systems on a near-real-time basis
  • Back up systems either on segmented portions of the network or offline
  • Regularly test recovery capabilities to respond to ransomware or malware
  • Conduct periodic exercises to demonstrate that cyber recovery capabilities function as expected
  • Conduct backups of all critical data and system configuration information at an appropriate frequency
  • Maintain a data classification program to identify sensitive and critical data
  • Periodically test the ability to reconstruct data in the event of a destructive attack

They also emphasized the importance of providing employee training on social engineering risk, employing capable in-house cybersecurity staff, and using a qualified managed service provider firm to actively monitor systems for network threats and vulnerabilities.

The bottom line: banks need to apply more focus and resources to cybersecurity. Now. And it's time to fight fire with fire and use modern AI tools to combat AI-based crime.
