If you run the IT department of a small to medium-sized bank or credit union, you’re used to having a lot on your plate. Let’s face it: you may be the IT Department. Without the budget and massive staff of one of the Big Four banks, your to-do list is huge. Do you have time for cybersecurity?

Cybersecurity in financial services Is crucial, from stopping hacking to meeting compliance needs, but you don’t have the time or budget to think about it much. Coro has surveyed scores of financial institutions just like yours. After the survey, we found that companies like yours often overpay for cybersecurity that underdelivers.

Often, your cybersecurity package is too big or you patch together a solution from multiple small vendors.

The problem comes from within

Cybersecurity threats come in many forms. The average business is cyber-attacked every twelve seconds (!),but your number one threat comes from inside the house. Most security breaches are a result of employees not following security best practices. These aren’t criminals working from the inside — they are your honest, friendly co-workers, doing their jobs as productively and smoothly as they can, but they’re not locking the front door. As a result, familiarizing your employees with and enforcing these policies can make a huge difference. At Coro we believe that security shouldn’t come at a great cost, so here are some free but effective things you can do today.  

7 things you can do for free to strengthen cybersecurity: 

Always use a private Wi-Fi network (with a complex password!)
Never use personal emails on company devices.
Don’t allow use of unauthorized third-party apps
Use 2-factor authentication. 2FA asks you to confirm your identity after entering a password. This means that even if someone steals your password, they still can’t log in to your account.
Enforce a policy of using passwords with upper- and lower-case letters, a number and special characters. SOm3tHinG.LikE_Thi5!
Forbid non-employees from using work-issued devices
Sign up for free monitoring from Coro Cybersecurity

Bad actors are like water: they will look for entry via the path of least resistance. Bots can try almost endless variations of passwords at once. Since they only need one success to compromise your whole workforce, they’re going to try the common passwords first. In fact, these are the 10 most common passwords in use today: 

1. 123456 

2. 123456789 

3. qwerty 

4. password 

5. 12345 

6. qwerty123 

7. 1q2w3e 

8. 12345678 

9. 111111 

10. 1234567890 

Research shows that cyber attackers are 300x more likely to target financial firms than other verticals. Obviously, that’s where the money is.

Coro co-founder Dror Liwer is keenly aware of the cybersecurity threats that face companies like yours:

“While much of the transaction volume and account dollars are focused within the top five U.S. banks in the United States, thousands of smaller banks, credit unions, and investment firms manage accounts for customers throughout the country. These smaller financial firms are rapidly becoming targets for cyber-attacks as they often boast broad customer data and accounts, and do not have robust security measures in place as other larger financial institutions.”

This means bad actors can collect on a large payday without little potential challenge to their attack. It’s typical bully behavior. These cybercriminals are picking on you because they know you‘re understaffed, under-budgeted, and overtasked.