A steady stream of negative headlines can have an upside. The intensifying focus on the threat that cyber crime poses to the financial sector seems to be having a postitive effect in terms of minimizing losses.
According to testimony at a September hearing before the U.S. House Financial Services Committee, losses to financial institutions and their customers as a result of cyber-related fraud had declined over the previous 18 months, even though the number of attacks increased.
The findings came from the Financial Services Information Sharing and Analysis Center, an organization dedicated to fighting cybercrime. Its members include thousands of banks, credit unions, insurance companies and payment processors.
"Statistics indicate financial institutions are doing a better job of stopping fraudulent transactions from being created and from funds leaving the financial institution," said William Nelson, the organization's president.
In 2009, 63 percent of reported takeovers of commercial accounts resulted in funds being sent out of the financial institution, according to survey data cited in Nelson's testimony. In the first six months of 2010, that number fell to 36 percent.
Likewise, the percentage of cases where monetary transactions were created but the funds were stopped before they left the financial institution rose from 20 percent to 36 percent during the same time period.
Notwithstanding the progress, witnesses at the hearing testified about the need for greater vigilance and better collaboration between government and private industry. "The bottom line is: No one entity has all the information; it takes teamwork to bring all the pieces together to complete the picture," said Greg Garcia, a cybersecurity expert for Bank of America. "Most acknowledge that actionable-threat information that is not shared is useless information."
Democratic and Republican lawmakers at the hearing were on the same page about the importance of the cyber crime threat.
"This year alone there have been numerous security breaches and attacks on private companies, federal agencies, and financial institutions," said Rep. Shelley Moore Capito, R-W.Va., the subcommittee's chair. "These threats are especially acute in the financial services industry."
Rep. Carolyn Maloney of New York, the subcommittee's top Democrat, warned, "There is no such thing as a completely secure network. And the cost to secure these systems is extremely high, both in terms of protecting against hacking incidents and combating them when they happen."
