By Roy Urrico
Finopotamus aims to highlight white papers, surveys, analyses and reports that provide a glimpse as to what is taking place and/or impacting credit unions and other organizations in the financial services industry.
A 2024 forecast of identity crime, financial institutions’ cybersecurity investments, and states with the most cybersecurity searches are among the cybersecurity reports.
ITRC Releases 2024 Predictions
The El Cajon, Calif.-based Identity Theft Resource Center (ITRC), a national nonprofit organization established to support victims of identity crime, released its 2024 predictions. Many of them, if correct, could impact credit unions and banks in some ways.
Top predictions include:
· An overestimation of the risk of artificial intelligence (AI) driven identity scams that impact large numbers, and an underestimation of the potential for targeted attacks on single or small groups of individuals. ITRC says the greatest risk from generative AI — which can yield various kinds of content, including text, imagery, audio and synthetic data — will continue to stem from mis- and dis-information.
· An unprecedented number of data breaches in 2023 by financially motivated and nation/state threat actors will drive new levels of identity crimes in 2024, especially impersonation and synthetic identity fraud. That will, in turn, drive more adoption of biometric-based identity verification (not recognition) tools to authenticate people.
· More states will adopt comprehensive data privacy and security laws. Congress will not.
· Privacy concerns over the use of biometrics will overshadow the legitimate use cases. “Even though there are safe and ethical uses of biometrics in the authentication and verification space (provided they are consent-based and privacy-centric), lawmakers and the public will push back due to this lack of awareness and understanding,” said the ITRC.
· The emotional toll of identity crimes will continue to increase, and assistance providers will struggle to meet the emotional recovery needs of victims. ITRC in its Consumer Impact Report earlier in 2023 noted that 16% of respondents contemplated suicide as a result of an identity crime.
Integris Finds Nearly Half of FIs Lack Confidence in Cybersecurity Investments
Austin, Texas-based managed service provider Integris revealed that 47% of financial institutions are not confident in their cybersecurity investments but are satisfied with their existing cybersecurity program.
These insights were identified in a recent survey of 2,271 executives at U.S. banks and discussed in Integris’ latest report, Understanding U.S. Banks' Annual IT Spend. The report also found only slightly more than half (53%) of banks believe they are spending enough on cybersecurity, while one in five think they spend too little.
However, according to Cal Roberson, director of strategic partnerships at Integris, “Banks face a serious dilemma. They must maintain a strong security posture but are faced with the significant potential for declining earnings, coupled with a shortage in resources and talent. As we move into a New Year, this will continue to be challenge, but banks must ensure robust security measures.”
With financial institutions holding a significant amount of customer information, their data is becoming just as valuable to bad actors as the cash they protect. The report suggested this means cybersecurity investments have never been more essential, helping to protect customer data, safeguard against potential breaches and maintain client trust. This is especially relevant in today’s digital banking environment. According to the survey, 30% of financial institutions rank cybersecurity as a top priority for IT spending in 2024.
In addition to these investments, financial institutions must also ensure regular and systematic evaluations of those investments and continuously assess the effectiveness of its processes and technology, as well as adapt to new challenges and technologies.
Which States Are Most Concerned About Cybersecurity?
Austin, Texas-based patch management software company NinjaOne analyzed Google search engine data for a collection of cybersecurity keywords for each state, and then compared findings with each state’s population to find which state is the most concerned about cybersecurity.
The top six states are:
1. Virginia with an average of 654 monthly searches per 100,000 residents, 28.11% above the national average. Overall, Virginians made an average of 56,858 monthly searches for cybersecurity-related topics. Overall, scams were the cybersecurity-related topic that interested Virginians the most, with scams and related terms generating an average of 12,128 searches each month.
2. Maryland with an average of 625 monthly searches per 100,000 residents, 22.29% above the national average. Marylanders made an overall average of 38,532 monthly searches for cybersecurity-related topics with phishing and its related terms generating the greatest interest with an average of 5,025 monthly searches overall.
3. Massachusetts with an average of 586 monthly searches per 100,000 residents, 14.79% over the average for America. The Bay State made an average of 40,963 monthly searches for cybersecurity-related topics with an average of 12,245 monthly searches for antivirus software, firewalls, and related topics.
4. Georgia with an average of 576 monthly searches per 100,000 residents, this value is 12.82% above the national average. Georgians searched cybersecurity topics an average of 62,924 times monthly overall.
5. Florida with an average of 576 monthly searches per 100,000 residents. Floridians made an average of 128,254 monthly searches for cybersecurity-related topics overall and their searches per 100,000 residents was 12.81% above the national average.
6. New York with an average of 576 monthly searches per 100,000 residents, 12.71% greater than the national average. New Yorkers searched cybersecurity-related topics an average of 113,355 each month overall.