The Fundamentals of Cyber Hygiene for Financial Institutions

For bank and nonbank financial institutions, the modern threat environment presents an ever-expanding horizon of significant adversaries and attack methods – all aimed at crippling operations, extorting money from the institution, or stealing customers’ sensitive personal information. In addition, the expanding world of artificial intelligence (AI), while introducing exciting new possibilities for institution efficiencies, also introduces new attack vectors and even AI-enhanced malware attacks for threat actors.

The Guide highlights the following critical threats against bank and nonbank financial institutions:

• Ransomware
• Geopolitical and hacktivist threats
• Social engineering and phishing
• Third-party risks
• Denial-of-service attacks (DoS/DDoS)
• Corporate account takeover (CATO)

The unavoidable truth is that today’s cyber threats evolve at such speed that constant attention is needed to protect the institution and its customers from potentially devastating consequences. Ensuring that your institution has a program of strong, fundamental cyber hygiene practices in place today can significantly increase security protections against these (and other) threats and make your institution a less attractive target for cyber criminals.