Comments
State Governments & the Future of Cyber Security Regulation
Newest First  |  Oldest First  |  Threaded View
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
7/10/2014 | 12:01:30 PM
Re: Low hanging fruit
It's my understanding that this is already starting to happen to some extent. More attacks are aimed at mid-size banks right now as the largest ones have really upped their security measures. Eventually the mid-size banks will similarly improve and then the fraudsters will likely turn to community banks and credit unions.
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
7/10/2014 | 11:59:52 AM
Re: State Governments & the Future of Cyber Security Regulation
No matter what the cost of compliance is here, it won't be nearly as much as the cost of a breach. So that approach wouldn't make that much sense dollars-wise, especially if you figure that the fraudsters would probably start to target banks in the states with the least strict regulations. And they definitely would do so eventually. They're pretty clever that way.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
7/9/2014 | 4:52:52 PM
Re: Low hanging fruit
Good point. The ability to fly under the radar was also seen during the credit crisis. Following the credit crisis, there were many dozens of small banks that were shut down because of bad debt. No one ever really thought to look at these small banks at the beginning of the crisis. But as their balance sheets got worse, they had to be closed.
Rodney Brown
50%
50%
Rodney Brown,
User Rank: Author
7/9/2014 | 3:33:03 PM
Re: Low hanging fruit
I have a relative who consults for banks on risk, and he agrees that poor oversight is one of the greatest risk factors for small bank failure. The feds have very strict guidelines about percentages of bad debt outstanding, and without that being checked regularly, the smaller banks often get way out of line with those guidelines. The same could easily be true of cyber security regulations.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Apprentice
7/9/2014 | 2:30:57 PM
Re: State Governments & the Future of Cyber Security Regulation
Do you worry that a lack of uniformity will result in a "race to the bottom" where institutions decide to put their HQs in states with weak regulations and lax enforcement? That's a reasonable business decision in the short term, which is what investors seem to look for.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
7/9/2014 | 10:17:12 AM
Low hanging fruit
Although Paul Smocer, president of BITS, says that small banks have fewer risks, because attackers tend to target large institutions, small bank CIOs (or CISOs, if they have them) need to realize that hackers and cybercriminals will always target the banks with the weakest security -- no matter the bank's size.

As the larger banks step up their cyber preparedness, the smaller banks need to keep pace, or the criminals will go after the smaller, but easier to obtain, targets at small banks.
Byurcan
50%
50%
Byurcan,
User Rank: Author
7/9/2014 | 9:12:05 AM
State Governments & the Future of Cyber Security Regulation
This makes sense, states can and should be allowed to take the lead in a  wide range of issues affecting them without having to wait for any direction from the federal gobernment.


Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.