
Review cyber security measures as U.S. banks have been named as potential targets by foreign states

SafeTalk Loss Control Information you can use


To protect your organization from the risk of cyber related attacks, consider these recommended tactics:


☑ Malware Protection and Endpoint Detection and Response (EDR) Tools Are Critical

Solid endpoint detection and response tools significantly reduce the likelihood that a ransomware attack succeeds. The baseline security standard used to be a firewall protecting the perimeter of a network. As more banks give access to remote users, including employees and customers, that protection needs to be extended to the remote devices that access the network. The best EDR software analyzes end-user behavioral patterns and alerts the system administrator (or automatically cuts off access) when anomalies are detected.


☑ Backups Must Be Encrypted

Encrypted backups increase the likelihood that a bank will be able to restore its system in the event of an attack, potentially reducing or eliminating payments in the event of a ransomware attack.


☑ Disconnect Backups From the Organization’s Network

While encrypted backups mitigate the risk that a threat actor can alter or “re-encrypt” data, backups that are connected to a bank’s network can still be deleted. Accordingly, at least one critical backup should be disconnected from the bank’s network.


☑ Use Multifactor Authentication (MFA) For Remote Access

Threat actors are not on site; they target a bank’s systems from remote locations. MFA is critical to preventing an unauthorized user from accessing the bank’s system. It should apply to all remote users whether employees, customers, or third parties such as vendors.


☑ Build Staff Awareness

People are the most vulnerable entry point for cyber attacks. Regular security training that emphasizes phishing and how to spot suspicious emails is recommended. Training should be tailored to unique job situations or roles, making it relevant to an employee’s day-to-day work. Additionally, all training should stress the importance of reporting suspicious activity immediately no matter how innocent it may seem.


☑ Use Multifactor Authentication for High-Dollar Wire Transfer or ACH Requests

MFA, or out-of-band authentication, is one of the most effective ways to prevent wire fraud.


☑ Stay Current With Security Patches

Unpatched systems are one of the most common and preventable causes of cyber incidents. Enterprise security standards and cyber risk guidance consistently point to patching as a foundational control.


☑ Block Geographic IP Addresses From High-Risk Regions

A disproportionate share of malicious traffic originates from high-risk regions. Where filtering this traffic has a low probability of interfering with legitimate business, blocking it can reduce your cyber risk.


ABA Insurance Services cyber liability insureds benefit from the following risk management and loss control resources:

  • A 24/7 toll-free breach hotline provided by BakerHostetler that offers phone access to a breach coach in the event of an actual or suspected breach.
  • EagleEye, Great American’s cyber risk management platform that combines the NIST review of an organization’s cyber security posture with insights from continuous, external vulnerability scans and best-in-class cyber security ratings from SecurityScorecard.


Online portal may not be available at all times. This information provides guidance and is not intended as a legal interpretation of any federal, state or local laws, rules or regulations. The facts of any potential claims situation which may actually arise, and the terms, conditions, exclusions, and limitations in any policy in effect at that time, are unique. Thus, no representation is made that any specific insurance coverage applies. ABA Insurance Services Inc. (“ABAIS”) does not warrant that all potential hazards or conditions have been evaluated or can be controlled. Coverage may not be available in all states. The liability of ABAIS and its affiliates is limited to the terms, limits and conditions of the insurance policies issued by ABAIS.