According to a 2018 Risk Survey done by BankDirector[dot]com, 48% of financial institutions under $500 Million in assets are not sure if they have adequate levels of cybersecurity expertise.
Considering that expertise is what allows your financial institution to manage cybersecurity rather than react to it, this should be a startling statistic to all of us.
So why is it that so many banks are in the dark? Or worse, they see the writing on the wall but feel like they can’t do anything about it?
The financial services industry has transformed to a technology-driven business model, and with that comes a host of threats that are constantly changing. This is even true for small financial institutions. And whether you want to admit it or not, cybersecurity is a risk at your bank or credit union. According to that same survey 84% of Financial Institutions rate Cybersecurity as one of their top 3 risks. But just like any risk, with a proactive approach, it can be managed and mitigated.
The question is: Do you have the expertise in place to manage and mitigate your cybersecurity risk?
Enter the CISO
In larger organizations, where resources seem almost unlimited, a full-time, in-house Chief Information Security Officer (CISO) is that expertise. The CISO fills the management and leadership role in cybersecurity. They set the policies, provide oversight, and communicate with management on where they stand as a whole.
The CISO is one of the key components to an effective information security program, and an experienced one can range from $100K - $200K+ per year in salary.
But for many community banks and credit unions, hiring a full time CISO is simply not an option. That’s probably why only 52% of financial institutions <$500 Million in assets have one, and that’s a problem.
And the continuing cybersecurity skills shortage will only make this worse.
That means if you are still reading this, you might be in the group that doesn't have a full time CISO and you’re wondering how you get Cybersecurity expertise in your institution, and the peace of mind that comes with it.
How would it feel to be confident that your financial institution is adequately managing cybersecurity?
Our Solution
If you've been keeping up with our blog, you know we are passionate about the vCISO offering and we’ve been working our tails off trying to improve it in order to make a bigger impact.
With that being said, we’ll be launching new products and services that really address this statistic in the next couple weeks and our subscribers, get early access!
We do have a limited capacity so make sure to sign up for our newsletter if you aren't already. And if you know of a bank or credit union who could use some help in this area, please pass this information along!