This past Mother’s Day, I was reminded that it is always nice to spend some time reminiscing with my Mom. Over the years, I have come to appreciate how Mom guided us five children down some pretty good paths. In her talks with us, she addressed quite a few important issues, among them such pillars as “manners matter” and “sharing is caring”. Mom was right, of course, and her tenets of wisdom also seem to apply to the financial services world these days.
Last week Thomas Curry, Comptroller of the Currency, Chairman of the FFIEC, stated at the annual Risk Management Association Governance, Compliance, and Operational Risk Conference, “I am struck by the increasing level of cooperation among banks to combat cyber threats and develop effective risk mitigation tactics.” That thought itself represents something of a cultural shift, as banks increasingly recognize that information sharing is not a competitive issue, but rather an essential component of a strategy to protect themselves and the entire financial sector.” With the recent spate of data breaches among large retailers, they are also following this intelligence sharing trend.
Over the past couple of years, I have been hosting a roundtable for our clients here at NICE Actimize that we call the Collaborative Intelligence Sharing Forum – it is exactly the kind of cooperation that is addressed by Chairman Curry in his remarks. The format for our meetings includes a thought leadership presentation followed by trend and intelligence sharing. In the Chairman’s announcement of the FFIEC plans for cyber security assessments, he stated that trend and intelligence sharing can help with specific supervisory expectations – and our group has found that to be true as well.
Based on some of our own Forum’s conversations, and inspired by Curry’s speech, we think that the updated risk assessments he referenced should consider, but not be limited, to:
- Changes to internal and external threat environments
- Changes to the customer base
- Changes in customer functionality offered via electronic banking
- Actual incidents of security breaches, ID theft, or fraud
I am encouraged by the “meeting of the minds” among our diverse group of Collaborative Intelligence Sharing Forum participants and our open discussions of critical issues – the group is becoming a trusted and informed brain trust that is really focused on some important issues such as consumer protection, a better customer experience and the institutions’ level of security and anti-fraud protections. In the relatively short time that this Forum has existed, I have seen the relationships between global subject matter experts strengthened and, subsequently, more sensitive issues like “threat mitigation”-related “what if’s” discussed much more proactively and thoroughly, likely influencing the FFIEC assessment or a bank’s own strategies, indirectly.
I am sure Mom would approve of our Forum’s approach to sharing, and we would all get to stay up an extra hour or get that special treat as a reward for our efforts. In the case of participating financial institutions, their reward just might be sleeping a little better at night knowing they share some of the same difficult issues as their colleagues at other institutions and are setting a path to solving these shared problems more quickly in this unity.