7
/ Wednesday, April 27, 2022
FDIC Rule to Notify Customers After Breach of Systems
Financial malware hits institutions and individuals
A
Zoe Landi Fontana, The Weekly Journal
@Landi_Zoe
s of May 1, the Federal Deposit Insurance Corporation (FDIC) will require that all banks notify their customers of any breach or hack of their systems within 36 hours. This move follows an increase in regulatory and federal efforts to standardize the procedures and time frames in which institutions report incidents. Among banks and businesses alike, rates of digitization have been increasing. With this comes the necessity to address all possible implications for the future of cybersecurity.
It is important that, regardless of any notification by the institutions about a cyber attack, the client carries out a constant monitoring of their accounts to report any suspicious activity that is reflected in them, Zoimé Álvarez Rubio Executive Vice President, Puerto Rico Bank Association
“One of the key steps FDIC-sponsored organizations can do other than monitoring the amendment status is to take inventory of their current incident reporting processes and timelines,” said Davie Murphy, Manager of Cybersecurity at Schneider Downs. “While the amendment is in the proposal state, these organizations need to know where they stand now so they can gauge the number of work/changes they will need if the amendment is approved.” A 2022 report by McKinsey & Company predicts annual costs related to cybercrime to increase
by 15% annually - reaching $10.5 trillion a year Kaspersky Labs, a cybersecurity and antivirus by 2025. The same report projects spending on provider, detected on user computers over cybersecurity providers to hit $101.5 billion by 250 million attempts to follow a phishing link. 2025 as well. Of these, an estimated 41.8% targeted users’ Zoimé Álvarez Rubio, Executive Vice President finances - online banking, payment systems, and of the Puerto Rico Bank Association (Spanish e-commerce. acronym, ABPR) expressed the following to THE To avoid fraud and scams, the FDIC WEEKLY JOURNAL: “Puerto Rico has a strong, recommends the following tips: transparent, and highly regulated commercial Be wary of emails or text messages that require banking industry. Our bank is following a link. Clicking the link federated and is governed by the could lead to the installation of laws and regulations applicable malware, which allows thieves at the federal level, as well as to gain access to sensitive state. Many of these regulations information. respond to consumer protection Any email or phone requests A 2022 report and the healthy administration of to update personal information by McKinsey & institutions, ensuring the safety, should be treated with suspicion. Company predicts soundness and liquidity of the Legitimate organizations will annual costs related banking system.” not ask for information using to cybercrime to an unsecured method, as they increase by 15% already have the user’s personal Protecting Users annually, reaching information in their system. “It is important that, regardless $10.5 trillion a year If an offer seems too good to of any notification by the by 2025. be true, requires fast action, or institutions about a cyber attack, asks for funds to be sent quickly the client carries out a constant by wire transfer - it is most likely monitoring of their accounts to a scam. report any suspicious activity that Be on the lookout for disaster-related is reflected in them,” commented Álvarez. financial scams. These types of scams Financial malware, a term used to describe target victims of catastrophic events - fires, malicious software that targets financial hurricanes, earthquakes - by pretending to be institutions, can take many forms, yet phishing representatives of a charitable organization, remains one of the most common. Although the while in reality, they endeavor to steal money or tactic may seem overly simplistic, it is exactly that personal information. quality that makes it such an effective technique.
In fact,
