As we wrap up October and Cybersecurity Awareness Month, I’d like to put forth a challenge: Think of risk mitigation not as a reminder of necessary defenses but as an opportunity to put innovative thinking to work.
At their core, risk mitigation and innovation are intricately tied. Neither is an individual project; they’re ways of doing business. With risk mitigation, as with innovation, the approach of “set and forget” doesn’t exist. Both need to be a part of the culture of the bank, and I find that the banks that take this to heart seek continuous improvement so that the new product or line of defense only gets better. That’s innovative thinking.
But looking at risk and innovation as two sides of the same coin begs the question, “How do you lead your organization to champion both?” Achieving that mindset comes down to three principles:
- Foster a culture of innovation — with risk mitigation in mind. Consider fraud, cyberattacks and other forms of risk as problems to be solved. Host brainstorming sessions. Assemble your organization and gain input. Create gamification tools, hackathons, innovation labs and more to build and test potential solutions. By encouraging this inventive, collaborative work, your organization will come out stronger. For instance, when First Community Bank and Trust instituted Beauceron Security’s more gamified approach to cyber training, its phishing email click-through rates plummeted from 15% to 20% to under 1%.
- Train, practice and proceed. Remain vigilant against emerging threats by training staff. Provide opportunities for formal education, such as sessions at Community Banker University (CBU). Join ICBA’s upcoming cyber exercises (see sidebar). Share your experiences with your bank peer group. These efforts steer us to a stronger understanding of the landscape and a path toward thwarting threats.
- Lead by example. Pursue positions in fraud and cyber groups. Consider new accreditations, including CBU’s Bank Security Certification. Identify technological solutions to support your bank’s needs. Demonstrate the role innovative thinking can play in risk mitigation.
You’ve heard the saying, “With great risk comes great reward.” While that may be true, in community banking, great risk mitigation — supported by innovative thinking — drives reward for our banks, our customers and our communities.
Charles E. Potts is ICBA’s Executive Vice President and Chief Innovation Officer.
ICBA Cyber and Data Security Exercises
In the following sessions, cybersecurity experts tailor training to the specific needs of community banks:
- CISA/ICBA Cyber Tabletop Exercise on December 6 at 12 p.m. eastern. Register online at icba.org/events.
- Bank Supply Chain Breach (downloadable resource)
- Core Provider Supply Chain Breach (downloadable resource)
Click the link below to visit ICBA’s online Operational Risk Resource Center for more information.
https://www.icba.org/solutions/operational-risk/cyber-and-data-security/exercises