How BoA Tackles Cybersecurity With Metrics

Bank of America is enlisting the use of metrics and analytics in the ongoing fight against cyberattacks.

Bank of America is enlisting the use of metrics and analytics in the ongoing fight against cyberattacks.

While no single form of data analytics can predict where the next attack will come from, measuring progress in select security areas can better position the bank to halt or respond to problems when they arise, Bank of America Chief Operations and Technology Officer Catherine Bessant told The Wall Street Journal on Tuesday (July 28).

“Unlike most things in banking, where you model history to understand what is likely to happen in the future, that’s not true of cybersecurity,” Bessant said in an interview with WSJ.

“You’re only as good as your last minute of safety,” she added.

In today’s cybersecurity landscape, where data breaches and attacks develop and morph quickly, Bank of America CEO Brian Moynihan has said Bessant “doesn’t have a budget” when it comes to preparing the company’s cybersecurity efforts, WSJ reported.

Financial institutions remain a prime target for cybercrimes.

Just last year JPMorgan Chase confirmed a data breach where attackers accessed information on 83 million accounts – about 76 million households and 7 million small businesses — in the largest known financial data attack.

According to Bessant, Bank of America’s defense against cybersecurity includes two key metrics, one which tracks the frequency of system scans and another that counts the potential problems found as a result of those scans. By using this data, along with a measure of how long it takes to identify and remove problematic code, Bank of America is better prepared to adjust its processes accordingly in the detection and prevention of cyberattacks, WSJ reported.

Although, one of the most critical focus points the bank has when it comes to cybersecurity is attracting and maintaining the right staff for security positions.

Bessant told WSJ it requires constantly monitoring the percentage of top talent filling the roles as well as keeping track of potential successors. She noted the concern of turnover in the cybersecurity group, which is something other companies are attempting to manage as well.

“We look at our hiring power against the rest of the industry regarding all-stars,” she added. “There’s a war for talent every day.”

To check out what else is HOT in the world of payments, click here.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.

Click to comment