The annual cost of cyberattacks worldwide is enormous, and all indications are that it will grow exponentially in a future dominated by the digitalization of the economy and society. Cybercrime is becoming increasingly sophisticated and complex. Therefore, the response to combat it must also evolve and combine prevention, training, awareness, and technological solutions.
Cybersecurity must be a priority for everyone. 70% of European companies are not prepared to face threats via the Internet, despite the fact that the vast majority have already had negative experiences related to these crimes. Cyber risks can affect all business areas of a company and cause serious damage, both economic and reputational. In comparison, the cost of taking preventive measures is not excessively high. Moreover, protection against cyberattacks must be part of the survival and growth strategy of any company with an online presence.
Cybersecurity is a priority for banks, which employ all means at their disposal to guarantee the security of their customers and address the risks that will certainly emerge in the future. Despite their proven experience in protecting the personal and financial data of their customers, banks continuously review their capacity for defense, detection, and response to cyberattacks. The effort to improve is in their DNA. They put financial innovation at the service of this objective with tools such as big data or artificial intelligence, which are very useful for combating fraud that spreads digitally.
As banks strengthen their protective barriers, cyberattacks shift toward the weakest link in the chain, the customer: phishing, vishing, smishing… terms that refer to identity theft and other data breaches, financial scams, and virus infections on computers and mobile devices. The benefits and enormous possibilities offered by digitalization should not lead us to lower our guard against its risks. Cyber scams in most cases exploit the psychology and perception of individuals. The best prevention in this case relies on training and awareness.
The Spanish Banking Association periodically conducts public awareness campaigns together with security forces to prevent attacks by cybercriminals. In July, we joined the “No More Ransom” network, an initiative by law enforcement and the private sector that offers victims of online information theft and extortion an alternative solution to losing their valuable files or having to pay the money demanded by criminals. At the end of last year, we collaborated in the Europol and European Banking Federation campaign against money laundering through mules (European Money Mule Action). Citizens and businesses must be aware of cyber risks, because they affect them. And criminals must know of the unity of the public and private community against these crimes.
Authorities are aware of the breakneck speed of digitalization and the need for regulation to help limit the risks we all face in the new digital era. Banks are subject to strict regulation and demanding supervision that reinforces their already robust customer protection, but the same does not apply to other providers of banking services, large technology companies exempt from this type of oversight and control. Regulatory changes that have opened the door to competition from these companies must not leave security gaps that cybercriminals can exploit, for the good of the consumer.
José Luis Martínez Campuzano, spokesperson for the Spanish Banking Association
