Business & Finance

Education is Key to Curbing Cybercrime

EAST BRUNSWICK, NJ - Prior to the existence of the Internet, criminals had to break and enter, intercept mail or dig through garbage to steal personally identifiable information. Only 25 years ago, illegally accessing a person’s bank account would have required forgery and a visit to the bank. This could take hours and would place the perpetrator under the scrutiny of bank tellers, other customers and security cameras. It also would leave clear evidence of a crime.

Now that most of society’s information is available and exchanged with the ease of a click online, criminals can leverage the Internet to steal account credentials, money, identities, sensitive intellectual property and private data. The Internet provides anonymity, global reach, an expansive list of targets and an atmosphere where one simple click of a mouse can do damage equivalent to what a bullet or a bomb might do in the real world.

All things considered, the Internet has become the ultimate attack platform for criminals — and cybercrime is becoming almost everything in crime. To combat this, certain technologies are necessary, but so is proper training.

Sign Up for E-News

A real, virtual threat

Mortgage-banking transactions require the transmission, collection and storage of banking statements, tax returns and W-2 forms, driver’s licenses, pay stubs and more sensitive information. Because of this, the nature of typical mortgage transactions and the way they are carried out make the entire home-lending sector a compelling target for cybercriminals.

Most mortgage lenders understand the threat and have already invested heavily in the latest security technologies to secure their computing networks. Many have developed and implemented policies and procedures that help them operate efficiently and meet legal and regulatory requirements. Even with all of that, these same organizations’ losses to security breaches continue to grow each year. This is because the problem is not so much the result of the security technologies deployed to protect their networks or the processes that they have in place as it is a consequence of the lack of security savvy among their internal users.

All too often, security breaches are caused by users doing something they shouldn’t, like clicking a malicious link in an e-mail, opening a tainted e-mail attachment, using weak passwords, losing portable devices with confidential data or being tricked into giving up their passwords through social-engineering attacks. In fact, several industry-data estimates indicate that more than 80 percent of successful data thefts began with users doing something that they shouldn’t have. But there is no simple answer to this problem, and potential solutions raise difficult questions:

  • Is it the responsibility of employers to regulate how their employees configure their home computing networks?
  • Should employers tell their employees what they can post to their personal social media sites?
  • Should employers dictate what type of mobile devices their employees use in their personal lives and how they can and cannot use them?

A 2015 study by CompTIA, an IT industry trade association, surveyed hundreds of end users and documented the most significant sources of human error. Forty-two percent of respondents said there was a failure to follow general policies and procedures, with the same number citing general carelessness. Thirty-one percent blamed a failure to keep up with the latest security threats.

Attackers have different motivations, including financial gain, to steal IP or other sensitive data. Other motives include retribution or revenge, competition and/or to challenge authority.

Online security breaches come in many varieties and include website defacements, identity thefts, sophisticated thefts of large amounts of data or sums of money and everything in between. Although attacks may be unique, many share one commonality: human mistakes as the root cause of these compromises. Because of this, getting end users to properly identify and respond to security threats is one of the most significant challenges facing organizations today.

Training to protect

Implementing an information security- awareness training program for employees can help mortgage-banking companies avoid this threat. The programs should include curriculum specific to the company’s security policies and procedures, including social media, acceptable-use, data-retention and bring-your-own-device policies, when applicable.

Training programs should also educate users on the potential threat of malicious insiders and include “If you see something, say something” messaging. During the training program, each employee should also be asked to read and accept company policy, which puts them on notice that they must be vigilant about security in the workplace. This projects a clear message to employees that security is everyone’s responsibility.

Training should be enhanced with creative tests or studies that measure personnel awareness, such as e-mail phishing studies. Repeat, frequent testing will mature end users from a security standpoint, and also allows the company to gauge improvement in internal-security awareness over time.

•  •  • 

Modern mortgage-banking businesses are now online, Internet-driven and collecting more personal consumer data from their customers than most other commercial industries. Because of this, the entire sector is quickly becoming a desirable target for cyberattackers. One of the most effective and cost-efficient countermeasures is to train staff to avoid, recognize and respond to cyber threats. It is critical that mortgage companies educate staff and raise awareness about this serious growing threat before costly and irreparable information security compromises can occur. 

*By Paul Lewis, vice president of technology risk, T&M Protection Resources; and Jeff Bernstein, managing director, T&M Protection Resources

 

 

 

TAP Into Another Town's News:

You May Also Be Interested In

Sign Up for E-News

Milltown/Spotswood

Saint Peter's Fights Against Fatal Cardiac Arrests on the Playing Field

February 17, 2018

NEW BRUNSWICK, NJ - On a particular Tuesday evening, Jim Fisher stood in front of a group of coaches and doctors at the newly ​-​ renovated, start-of-the-art simulation center at Saint Peter’s University Hospital in New Brunswick.

Jim’s son, Sean, died in Aug ​just​ 2008, as a result of an undetected heart defect. He was just about to turn 13. The two and their family are ...

Big Little Railroad Shop in Somerville Runs Out of Steam; Store Closing

February 18, 2018

SOMERVILLE, NJ – The Big Little Railroad Shop, an iconic retail store for 27 years and a fixture on Main Street most of those years has run out of steam.

The hobby shop for serious model railroaders, which first opened in 1991, is selling out its inventory at reduced prices, and will close its doors at 63 W. Main St. for the final time on Sunday, Feb. 25.

Owner Jen Lush and her ...

Upcoming Events

Sun, February 18, 3:00 PM

State Theatre New Jersey, New Brunswick

Hot Latin Nights With The Mambo Kings

Arts & Entertainment

Sun, February 18, 3:00 PM

State Theatre New Jersey in New Brunswick, New Brunswick

New Jersey Symphony Orchestra: Hot Latin Nights ...

Mon, February 19

State Theatre New Jersey, New Brunswick

Mr. Popper's Penguins

Arts & Entertainment

Author Donates Portion Of Sales To Equestrian Aid Foundation

February 18, 2018

WELLINGTON, Fla. — Author Shane Ledyard will donate a portion of the paperback sales of his latest book, “Sycamore Whispers,” to the Equestrian Aid Foundation through February.

Equestrian Aid Foundation provides financial assistance to horse people from all corners of the U.S. equestrian world who are facing catastrophic injury or illness.

Purchase “Sycamore ...

Travels Spotlight - Coast Guard Ends Search for Fishermen Lost at Sea, Fund Established to Help Family

February 18, 2018

TAPintoTravels is here to promote travel whether it is for work or pleasure.  Most of our reporting is fun and helpful.  However on rare occasions, we do have to report on heart breaking stories.  It is always hardest when it involves men with families that have been lost at sea.  Please consider assisting this family in need and keep them in your thoughts or ...

Super Carb Diet by Bob Harper

Super Carb Diet by Bob Harper with Danny Pellegrino (St. Martin's Press, 2017)

It's hard to go on a serious diet, one on which you expect to be successful and maintain a loss. Fortunately, in his new book Super Carb Diet, Bob Harper has given the weight watching world a sensible new diet plan to help achieve a healthy weight.

Harper, host of NBC's popular show The Biggest Loser, ...

Two Nights by Kathy Reichs

Two Nights by Kathy Reichs (Bantom,2017)

How does a writer of a beloved series like Harry Potter or Temperance Brennan break out of their readers' expectations and try something new? For J.K. Rowlings it was the novels penned under the pseudonym Robert Galbraith; books about a maimed and very flawed private detective with the unlikely name of Cormoran Strike. For Kathy Reichs, it is the ...

'What Stays' exposes family secrets and lies

‘What Stays’ exposes family secrets, resentment and lies

By Liz Keill

SUMMIT, NJ – In an original play by Laura Ekstrand and Jason Szamreta, the Dreamcatcher Repertory Theatre has provided an enlightening, funny and heart-felt view of family foibles.

Ekstrand has said that the germ of the play came from conversations with the ensemble members of the troupe, based on ...

'American Hero' explores with powerful performances

‘American Hero’ pulses with tension, clashing emotions at George Street

By Liz Keill

NEW BRUNWICK – The issue of social injustice makes its way into “American Hero,” the second play in a trilogy by Christopher Demo-Brown.

Armand Schultz as Rob is to receive a medal of honor for his heroic actions during the Iraq war. Although he lost the use of his legs, he ...