October 18, 2016, Mt. Prospect, IL – According to a recent PwC report, 59 percent of financial services businesses are investing in training and education programs to better defend against evolving security threats.1 In part two of this three part news brief series, Cummins Allison, the leading innovator and provider of check, currency and coin handling solutions, as well as ATMs, discusses the importance of enlisting employees – and customers – to help maintain ATM security.
Cyberattacks “Phish” for your Employees
Employee, customer, and “soft” IP data remain the top three targets of cyberattacks in financial services.1 And one of the ways cyber thieves target FI employees and customers in their efforts to extract sensitive data is with phishing – the sending of unsolicited emails attempting to get recipients to click on a link or take an action. When they do, the result is often the downloading of malicious software, called malware, onto the FI’s systems and networks – including ATMs. Phishing remains a top security challenge for the financial services industry, with 31 percent of all phishing attacks targeted at FIs.2
Take Proper Security Measures to Combat Cyberattacks
To combat phishing, it's not enough to have the best anti-virus or malware detection software in place: employee education is also critical. Your employees can be your best line of defense against security attacks if they are aware of the scope of threats aimed at the FI.
FIs should ensure that:
Employees know the importance of not clicking on unknown emails or ads on reputable sites, and to be able to recognize bogus emails and ads.
All personnel are warned not to use unsecured devices or connect unprotected personal devices, such as flash drives, to company systems.
Additionally, FIs should ask these questions when addressing security issues within the company:
Do you have a formal security training program for all employees?
Do you request that your employees inspect your ATMs for physical anomalies whenever they use them?
Have you established and communicated policies regarding unsolicited emails?
Enlist Your Customers for Added Awareness
Not only can your employees guard against security attacks – enlisting your customers to help is also important. You don’t want to raise undue fears or concerns, but you do want your patrons to know that you understand potential threats and have taken the necessary measures to ensure proper ATM security.
Some FIs even use ATM idle screens to convey anti-skimming messages and remind users to check for foreign devices on the ATM. Don’t wait until you’re on the defensive: let your customers know what you’re doing and enlist their support.
Today, virtually everyone is aware of security and data protection, and ATM scams are regularly documented in the media. However, it’s important that you don’t allow others to dictate the message your patrons receive. Letting your customers know that you are continually working to make your ATMs more secure delivers a strong, positive message for your FI.
To learn more about how to assess your current and future ATM security requirements, visit www.cumminsallison.com/atm.
1 Pwc.com, “Turnaround and Transformation in Cybersecurity: Financial Services.” http://www.pwc.com/gx/en/consulting-services/information-security-survey/assets/pwc-gsiss-2016-financial-services.pdf
2 Phishlabs.com, “PhishLabs 2016 Phishing Trends and Intelligence Report.” https://www.phishlabs.com/phishlabs-2016-phishing-trends-intelligence-report-hacking-the-human/
About Cummins Allison
Cummins Allison is the leading innovator and provider of check, currency and coin handling solutions, as well as full-function ATMs. Our world-class sales and service network includes hundreds of local representatives in more than 50 offices in North America, 6 wholly-owned subsidiaries and is represented in more than 70 countries around the world. For more information about our award-winning solutions, visit www.cumminsallison.com.