Do you trust your security posture enough to tell your customers about it? You should.
Summary: Regional banks face increasing cybersecurity threats, with breaches in 2024 affecting millions of customers across various financial institutions. Effective incident response planning is crucial in maintaining customer trust. Banks can leverage their cybersecurity investment as a marketing tool by communicating security efforts and offering education to differentiate themselves.

In today’s digital landscape, more businesses of all sizes are impacted by malicious users and ransomware. Recent events have highlighted the importance of robust security measures for financial institutions, particularly for those serving local communities. Regional banks are increasingly targeted due to their potentially less sophisticated security infrastructure compared to larger institutions.
While the news paints a picture of ransomware targeting large enterprise organizations, breaches are seen across the country. The graph below from Comparitech shows the broad reach of ransomware across both urban and rural communities in the Northeast, underscoring the growing threat to regional banks and credit unions.

The Role of Incident Response in Building Trust
Incident response planning is essential for managing cyber threats and safeguarding customer data. A well-structured plan ensures that banks can swiftly address security breaches, minimizing operational disruptions and financial losses. Conversely, failure to effectively manage and respond to incidents will impact customer trust and lead to lost business and regulatory penalties.
A Strong Incident Response
The recent incident involving Tri State Area Federal Credit Union (TSAFCU) [1] in New York provides a relevant example of cybersecurity challenges faced by regional financial institutions. In May 2024, TSAFCU, a community credit union based in Hoosick Falls, New York, experienced a data breach that potentially exposed sensitive personal information of over 2,700 individuals. The breach occurred when an unauthorized actor gained access to an employee’s email account between May 9 and May 10, 2024. This incident highlights several key points:
- Insider Threats: While not directly related to a malicious insider in this case, it demonstrates how compromised employee accounts can lead to significant data breaches.
- Email Security: The breach originated from the credit union’s email environment, emphasizing the need for robust email security measures and multi-factor authentication.
- Rapid Response: TSAFCU detected the suspicious activity quickly, launched an investigation, and took steps to identify affected individuals.
- Transparency: The credit union reported the breach to the Attorney General and began notifying affected individuals on August 19, 2024, demonstrating a commitment to transparency and compliance with data breach notification laws.
- Customer Protection: TSAFCU offered 12 months of complimentary credit monitoring services to affected individuals, showcasing a proactive approach to mitigating potential harm to customers.
Leveraging Incident Response Planning as a Marketing Tool
It’s a fact: all financial customers worry about whether their accounts are secure. We’ve all heard stories from friends whose accounts were hacked and who lost money, or who received fraud alerts and had their identities stolen.
By showcasing their security capabilities, banks can build confidence and help put some of these concerns to rest. It’s also a great opportunity to take the additional step and educate customers on their role in keeping their accounts secure, explain why the frustration of MFA is worth it, and why they should enroll.
While many organizations have suffered a breach, the TSAFCU response was swift and relatively contained, and limited damage to their reputation and to their customers. The time and financial investment in security measures doesn’t need to go unnoticed until there’s a breach. Banks and credit unions have an opportunity to reassure their customers today and leverage the investment as a differentiator, without revealing sensitive details:
- Transparency and Communication: Clearly communicate your incident response capabilities to customers through newsletters, social media updates, and website content. Highlight your bank’s proactive measures and readiness to handle potential threats, like TEG Federal Credit Union’s Fraud and Security publication.
- Showcase Your Tech Team: A business’s IT and SOC team is usually not the face of the business; we’re generally considered “back office.” If you’ve made the investment in hiring a strong team, why not showcase them on social media and let customers know your business is committed to hiring the best to protect their data?
- Customer Education: Offer workshops or webinars on fraud and cybersecurity best practices, positioning your bank as a partner in protecting customer data. Tompkins Community Bank’s business fraud workshops are a great example of this. These workshops work well as a lunch-and-learn and as an opportunity to gain more of your customers’ mind share. Reuse your workshops’ content for online publications like this one by Orange Bank and Trust.
- Certifications and Compliance: Showcase any cybersecurity certifications or compliance with standards like SOC 2 or ISO 27001 in marketing materials to reassure customers of your commitment to security.
- Highlight Security Features: Promote advanced security features such as multi-factor authentication and real-time fraud alerts as part of your banking services. Here’s an example from Hudson Valley Credit Union.
- Publicize Incident Readiness: Without revealing the details, share how your bank is prepared to respond swiftly to incidents, emphasizing your dedication to safeguarding customer information. TD Bank did so by publishing a thorough, external version of their Enterprise Business Continuity and Crisis/Incident Management.
Engaging Technology Advisory Services
Partnering with technology advisory services can enhance your bank’s cybersecurity posture. These experts can help identify areas where you need to add protection and identify opportunities to create budget for them. By working with advisors like Salt Peak, banks of all sizes can access CIO-level expertise to ensure they are prepared for emerging threats.
Incorporating incident response planning into your communications strategy not only enhances security but also builds customer trust. By demonstrating a commitment to protecting assets and personal information, banks can differentiate themselves in a competitive market. Contact Salt Peak today to strengthen your cybersecurity defenses and leverage them as a powerful tool for reassuring your customers.
[1] Tri State Area Federal Credit Union Breached – August 20, 2024 | Cybermaterial